• Home
  • AWS Security Hub vs. Wazuh

AWS Security Hub vs Wazuh comparison

Cancel
You must select at least 2 products to compare!
Amazon Web Services (AWS) Logo
AWS Security Hub
Read 17 AWS Security Hub reviews
8,071 views|6,749 comparisons
89% willing to recommend
Wazuh Logo
Wazuh
Read 38 Wazuh reviews
29,433 views|15,888 comparisons
75% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
AWS Security Hub vs. Wazuh
May 2024
Executive Summary

We performed a comparison between AWS Security Hub and Wazuh based on real PeerSpot user reviews.

Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed AWS Security Hub vs. Wazuh Report (Updated: May 2024).
Download the complete report
771,212 professionals have used our research since 2012.
Featured Review
Anonymous User
A centralized dashboard that enables efficient monitoring and management of possible security issues
Md Salim Hossain Hossain
An open-source platform to integrate various products
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"AWS Security Hub provides comprehensive alerts about potential compliance issues with CIS standards. The integration with third-party tools is another excellent feature. All our workloads are on AWS.""The solution shows us our compliance score.""I find all of the features to be highly valuable.""Easily integrates with third-party tools""Very good at detection and providing real-time alerts.""The most valuable feature of AWS Security Hub is the ability to track when monitoring is not enabled on any of my resources.""AWS Security Hub has very good integration features. It allows for AWS native services integration, and it helps us to integrate some of the services outside of AWS. They have partners, such as Amazon Preferred Network Partners (APN). If you have different security tools around APN, we can integrate those findings with AWS Security Hub reducing the need to refer to different portals or different UIs. You can have AWS Security Hub act as a single common go-to dashboard.""The platform has valuable features for security."

More AWS Security Hub Pros →

"It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions.""It has efficient SCA capabilities.""Good for monitoring, active response, and for vulnerabilities.""Wazuh offers an enhanced HDR version that outperforms its competitors.""My company implemented Wazuh because it was relatively inexpensive. They could quickly get their hands on it to check a box for some audit and compliance.""We use it to find any aberration in our endpoint devices. For example, if someone installs a game on their company laptop, Wazuh will detect it and inform us of the unauthorized software or unintended use of the devices provided by the company.""The MITRE ATT&CK correlation is most valuable.""The tool is stable."

More Wazuh Pros →

Cons
"Although AWS Security Hub does a periodic scan of your overall infrastructure, it doesn't do it in real time.""The solution should be easier to learn and use""AWS Security Hub's configuration and integration are areas where it lacks and needs to improve.""From an improvement perspective, there is a need to add more compliance since, right now, AWS Security Hub only provides four to five compliances to control the tool.""The solution lacks self-sufficiency.""It's not user-friendly. Too much going on, too many unnecessary findings, not very visual. You can't do much compared to other similar tools that are cheaper and better.""Security needs to be measured based on their own criteria. We can't add custom criteria specific to our organization. For example, having an S3 bucket publicly available might be flagged as a critical alert, but it might not be critical in a sandbox environment. So, it gets flagged as critical, which becomes a false positive. So, customization options and creating custom dashboards would be areas for improvement.""The solution will only give you insight if you have configure rule enabled. It should work more like Prisma Cloud and Dome9 which have a better approach."

More AWS Security Hub Cons →

"Wazuh is missing many things that a typical SIEM should have.""The implementation is very complex.""Its configuration process is time-consuming.""The deployment is a bit complex.""I think that the next release should be more suitable for large enterprises, because currently they are not because large companies do not rely on open source solutions.""The support team could be more responsive and provide quicker replies during our working hours in Indonesia, which would be a significant improvement.""The only challenge we faced with Wazuh was the lack of direct support.""Wazuh doesn't cover sources of events as well as Splunk. You can integrate Splunk with many sources of events, but it's a painful process to take care of some sources of events with Wazuh."

More Wazuh Cons →

Pricing and Cost Advice
  • "The price of the solution is not very competitive but it is reasonable."
  • "The price of AWS Security Hub is average compared to other solutions."
  • "The pricing is fine. It is not an expensive tool."
  • "AWS Security Hub's pricing is pretty reasonable."
  • "There are multiple subscription models, like yearly, monthly, and packaged."
  • "AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."
  • "Security Hub is not an expensive solution."

    • More AWS Security Hub Pricing and Cost Advice →

  • "Wazuh is open-source, so I think it's an option for a small organization that cannot go for enterprise-grade solutions like Splunk."
  • "There is not a license required for Wazuh."
  • "Wazuh is open-source, but you must consider the total cost of ownership. It may be free to acquire, but you spend a lot of time and effort supporting the product and getting it to a point where it's useful."
  • "Wazuh is open-source, therefore it is free. You can purchase support for $1,000 a year."
  • "Wazuh is totally free and open source. There are no licensing costs, only support costs if you need them."
  • "Wazuh has a community edition, and I was using that. It's free and open source."
  • "The current pricing is open source."
  • "Wazuh is free and open source."

    • More Wazuh Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    See Recommendations
    771,212 professionals have used our research since 2012.
    Questions from the Community
    Which is better - Azure Sentinel or AWS Security Hub?
    Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will… more »
    Read all 2 answers   →
    What do you like most about AWS Security Hub?
    Top Answer:The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.
    Read all 12 answers   →
    What needs improvement with AWS Security Hub?
    Top Answer:We are facing some cost-related issues with the solution. We integrated a couple of services into AWS Security Hub, and some rules are not required for our environment. However, the assessment happens… more »
    Read all 12 answers   →
    What do you like most about Wazuh?
    Top Answer:Integrates with various open-source and paid products, allowing for flexibility in customization based on use cases.
    Read all 28 answers   →
    What needs improvement with Wazuh?
    Top Answer:I have built some rules that produce duplicate alerts two or three times. Therefore, these rules should be consolidated. Alerts should be specific rather than repeatedly triggered by integrating… more »
    Read all 28 answers   →
    What is your primary use case for Wazuh?
    Top Answer:We use Wazuh for the onboarding of both Windows and Linux machines, as well as for firewall and SIM configuration. The IP address is automatically blocked if a server has multiple wrong passwords.
    Read all 26 answers   →
    Ranking
    8th
    out of 80 in Security Information and Event Management (SIEM)
    Views
    8,071
    Comparisons
    6,749
    Reviews
    13
    Average Words per Review
    433
    Rating
    7.5
    3rd
    out of 80 in Security Information and Event Management (SIEM)
    Views
    29,433
    Comparisons
    15,888
    Reviews
    31
    Average Words per Review
    479
    Rating
    7.6
    Comparisons
    Learn More
    Amazon Web Services (AWS)
    Wazuh
    Overview

    AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts. 

    The service offers a range of features including continuous monitoring, threat intelligence integration, and customizable dashboards. It also provides automated insights and recommendations to help users improve their security posture. Security Hub integrates with other AWS services like Amazon GuardDuty, AWS Config, and AWS Macie to provide a unified security experience. Additionally, it supports integration with third-party security tools through its API, allowing users to leverage their existing security investments. 

    With its user-friendly interface and powerful capabilities, AWS Security Hub is a valuable tool for organizations looking to enhance their security and compliance posture in the cloud.

    Wazuh is an enterprise-ready platform used for security monitoring. It is a free and open-source platform that is used for threat detection, incident response and compliance, and integrity monitoring. Wazuh is capable of protecting workloads across virtualized, on-premises, containerized, and cloud-based environments.

    It consists of an endpoint security agent and a management server. Additionally, Wazuh is fully integrated with the Elastic Stack, allowing users the ability to navigate through security alerts via a data visualization tool.

    • Wazuh’s agent can run on many different platforms, and is lightweight. It can successfully perform the tasks needed to detect threats in order to trigger responses automatically.
    • Wazuh manages the agents, can analyze agent data, and can scale horizontally.
    • Elastic Stack is where alerts are indexed and stored.

    Wazuh Capabilities

    Some of Wazuh’s most notable capabilities include:

    • Intrusion detection: Wazuh’s agents can detect hidden files, cloaked processes, or unregistered network listeners, as well as inconsistencies in system call responses. Wazuh’s server component uses a signature-based approach to intrusion detection, using its regular expression engine to analyze collected log data and look for indicators of compromise.

    • Log data analysis: Wazuh can read operating system and application logs, and securely forward them to a central manager for rule-based analysis and storage.

    • Integrity monitoring: File integrity monitoring can help identify changes in content, ownership, permissions, and attribute of files. Wazuh’s file integrity monitoring can be used in conjunction with threat intelligence.

    • Vulnerability detection: Wazuh agents can identify well-known vulnerable software so you can see where your weak spots are and take action before an attack can exploit them.

    • Configuration assessment: System and application configurations are monitored to make sure they are compliant with security policies. Periodic scans are used to detect applications that are known to be vulnerable, insecurely configured, or unpatched.
    • Incident response: Wazuh responds actively when active threats need to be addressed. It can perform countermeasures like blocking access to a system when a threat source is identified.

    • Regulatory compliance: Wazuh includes the security controls required to be compliant with industry regulations and standards.

    • Cloud security: Wazuh’s light-weight and multi-platform agents are commonly used to monitor cloud environments at the instance level. In addition, Wazuh helps monitor cloud infrastructure at an API level.

    • Security for containers: With Wazuh, you have increased security visibility into hosts and containers, allowing for easier detection of threats, anomalies, and vulnerabilities.

    Wazuh Benefits

    Some of the most valued benefits of Wazuh include:

    • No vendor lock-in
    • No license costs
    • Uses lightweight, multi-platform agents
    • Free community support

    Wazuh Offers

    • Annual support and maintenance
    • Assistance with deployment and configuration
    • Training and instructional hands-on courses

    Reviews From Real Users

    "It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions." - Robert C., IT Security Consultant at Microlan Kenya Limited

    The MITRE ATT&CK correlation is most valuable.” - Chief Information Security Officer at a financial services firm

    Sample Customers
    Edmunds, Frame.io, GoDaddy, Realtor.com
    Information Not Available
    Top Industries
    REVIEWERS
    Computer Software Company23%
    Financial Services Firm15%
    Recruiting/Hr Firm8%
    Non Profit8%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm12%
    Manufacturing Company8%
    Government7%
    REVIEWERS
    Computer Software Company25%
    Comms Service Provider18%
    Security Firm14%
    Financial Services Firm11%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Comms Service Provider8%
    Government7%
    Financial Services Firm7%
    Company Size
    REVIEWERS
    Small Business41%
    Midsize Enterprise18%
    Large Enterprise41%
    VISITORS READING REVIEWS
    Small Business23%
    Midsize Enterprise13%
    Large Enterprise64%
    REVIEWERS
    Small Business54%
    Midsize Enterprise28%
    Large Enterprise18%
    VISITORS READING REVIEWS
    Small Business33%
    Midsize Enterprise20%
    Large Enterprise48%
    Buyer's Guide
    AWS Security Hub vs. Wazuh
    May 2024
    Free Report: AWS Security Hub vs. Wazuh
    Find out what your peers are saying about AWS Security Hub vs. Wazuh and other solutions. Updated: May 2024.
    DOWNLOAD NOW
    771,212 professionals have used our research since 2012.

    AWS Security Hub is ranked 8th in Security Information and Event Management (SIEM) with 17 reviews while Wazuh is ranked 3rd in Security Information and Event Management (SIEM) with 38 reviews. AWS Security Hub is rated 7.6, while Wazuh is rated 7.4. The top reviewer of AWS Security Hub writes "A centralized dashboard that enables efficient monitoring and management of possible security issues". On the other hand, the top reviewer of Wazuh writes "It integrates seamlessly with AWS cloud-native services". AWS Security Hub is most compared with Microsoft Sentinel, Prisma Cloud by Palo Alto Networks, Wiz, Microsoft Defender for Cloud and Lacework, whereas Wazuh is most compared with Elastic Security, Security Onion, Splunk Enterprise Security, AlienVault OSSIM and Graylog. See our AWS Security Hub vs. Wazuh report.

    See our list of best Security Information and Event Management (SIEM) vendors.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.