AWS Security Hub Reviews

We use AWS Security Hub to find vulnerabilities. We can check if an IAM user has multiple policies. We can check whether it is directly attached to the user and not attached to the group.

We take precautionary steps instead of responding to vulnerabilities. We haven’t faced any security breaches or vulnerabilities yet. We use GuardDuty. It provides us with information about IPs so that we can block them. We can restrict the IP from entering our network.

The solution shows us our compliance score. Based on the score, we can check what is preventing our compliance score from becoming 100%. The tool provides an explanation and steps for remediation. We can easily assign tasks to juniors. Even people without experience can understand the remedies.

The support must be quicker.

I have been using the solution for three to four years.

I rate the tool’s scalability an eight out of ten. We manage various customers. We use the Security Hub in every project. Some customers do not use AWS. They use Prisma. However, Prisma has similar features.

I raise support requests to the support team. If we raise tickets that impact services, we get quick support. If we raise a normal ticket that does not impact services, we do not get quick support.

Neutral

The initial setup is easy. Anyone can do it.

I have used Prisma and Qualys. They have the same approach as AWS. Instead of purchasing a third-party solution, we choose Security Hub. It is an in-built tool in AWS.

We are partners. I will recommend the tool to others. It is better to use an in-built tool like AWS Security Hub than using a third-party solution. It helps with compliance. Overall, I rate the solution a ten out of ten.

The use case of AWS Security Hub is to manage the compliance part. It is a CSPM tool that helps you understand the compliance level of your infrastructure in the cloud. The tool gives you a score considering the levels of compliance you follow.

The most valuable feature of the solution stems from the fact that it is easy to manage, and a user of AWS does not have to log in to different consoles. If you have an AWS infrastructure, then it works fine. If you have multiple cloud infrastructures in your organization that may consist of cloud services from AWS, Azure, or GCP, then the tool may not be that effective since it can be described as a native tool for AWS.

From an improvement perspective, there is a need to add more compliance since, right now, AWS Security Hub only provides four to five compliances to control the tool. It should be made possible to integrate some of the other tools with AWS Security Hub so that it can give you complete visibility of the product.

AWS Security Hub needs a lot of improvement since it is a native tool meant for AWS products only. For providing compliance, a number of tools are available in the market to take care of the protection part.

In the future, AWS needs to implement a single dashboard and make different kinds of modules available. To use it as a CSPM tool, you must go with AWS Security Hub, Amazon Inspector, and AWS Config. AWS Security Hub needs to introduce a single dashboard that allows a security person to go and log in, see the status, and take action if necessary.

I have been using AWS Security Hub for three to four years. I work as an integrator, and my company has partnerships with many companies involved in OEM tools.

Stability-wise, I rate the solution a seven out of ten.

It is a scalable solution.

I have implemented AWS Security Hub for five to six customers of our company.

AWS office has two types of support, namely business and standard. If you have opted for standard support, then it will be very complex to connect with the technical staff of AWS. If you have opted for business support, then the technical staff of AWS will connect with you within a minute. Business support is paid support.

The initial setup of AWS Security Hub was straightforward.

The product's deployment process is very easy and can be completed within an hour. As soon as you enable the product, it works. The product doesn't require the user to undergo any other implementation phases since it is a tool that you just have to enable in your environment to make it work across your environment.

The product's deployment process is very easy since you just need to log in to the control before going to Security Hub to enable it. You may enable AWS Security Hub in which account you want to enable.

The solution is deployed on the cloud.

One or two staff members are enough to manage the solution's deployment and maintenance. If you have a bigger environment with thousands of machines, then one or two people are enough to take care of the visibility part of the solution, but the maintenance will require a large number of staff members.

AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use.

If a person only wants a CSPM tool, then they can go with AWS Security Hub. If a person wants the product to be more than just a CSPM tool, then they need to evaluate the solutions available in the market.

I rate the overall tool a seven out of ten.

We use AWS Security Hub for cloud security posture management and automated remediation.

The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud. We can integrate the findings of different services into AWS Security Hub and analyze our cloud infrastructure based on that. We inform the owners if we find anything that is non-compliant or does not adhere to the security best practices.

We are facing some cost-related issues with the solution. We integrated a couple of services into AWS Security Hub, and some rules are not required for our environment. However, the assessment happens based on those rules, and we have to pay some additional costs.

We need some customization into the compliances whenever we enable specific compliances. We need more granular-level customizations to enable or disable the rules in AWS Security Hub.

Suppose we enabled one of the compliances and have more than 100 rules for that compliance. If one of the customers is not using all the services, those services are not really used in the environment. We are looking for some customizations to disable that rule so that the scanning will not happen based on that rule, and we can save some cost.

I have been using AWS Security Hub for four years.

I rate the solution a nine out of ten for stability.

Not all users in my organization have access to AWS Security Hub. Our security and cloud engineering teams actively use the solution in our organization.

I rate the solution an eight out of ten for scalability.

The technical support is good from a security perspective because AWS provides 24/7 support for all the services.

Positive

I have worked with different solutions, but not for the same organization. I have worked with different third-party tools like Prisma for cloud security posture management.

The initial setup of the solution is easy. We did some automation within the Lambda functions. If we onboard a new account, Lambda functions will help us enable AWS Security Hub into that account and send the findings to the administrator account.

The solution can be implemented in less than five minutes.

We integrated AWS Security Hub with Jira. If we find new findings in AWS Security Hub, the tickets get automatically created in Jira. If the automated remediation solution is available for a specific rule, it gets automatically remediated, and the ticket is closed by adding some comments. We have integrated AWS and GuardDuty into AWS Security Hub. Scanning, findings, and alerting are the most effective features of AWS Security Hub.

Integrating AWS Security Hub with other AWS services lets you see all the findings within your account from a single dashboard. I would recommend AWS Security Hub to users who don't have a multi-cloud environment.

Overall, I rate the solution a seven out of ten.

I have been using the solution for monitoring AWS, and Security Hub helped me view the security of my cloud.

Cloudposse is a valuable feature as it guarantees my security.

AWS Security Hub's configuration and integration are areas where it lacks and needs to improve.

I have been using AWS Security Hub for five years. I am a user of the solution.

It is a stable solution.

It is a scalable solution.

The initial setup is easy. It requires little to no maintenance. The solution is deployed on the cloud.

The pricing is fine. It is not an expensive tool.

I rate the overall solution an eight out of ten.

We use AWS Security Hub for monitoring various malware activities, DDoS attacks, and other attacks. We have a dedicated team looking after these constant issues.

I like that AWS Security Hub currently has several good features, around four or five. The technical support for AWS Security Hub is also responsive.

The solution is also easy to integrate with AWS Cloud because it's an AWS product. However, if my company goes for a hybrid deployment, it still needs some analysis of whether AWS Security Hub can be easily integrated with hybrid models.

Right now, there are some difficulties we're facing with AWS Security Hub, and we need our central team to mitigate the issues. Otherwise, the number of incidents will keep increasing, and monitoring will become problematic.

For example, whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved.

In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility.

I last worked with AWS Security Hub six months ago.

We're not having any issues with AWS Security Hub, scalability-wise. We have multiple accounts on AWS Security Hub, and triggers are generated from the central account. From there, we'll accept the request so that all incidents will be diverted toward the central team that does the monitoring. We'll then receive an alarm if there's been any breach, and accordingly, we'll look into whether the concerned IP is from our set of listed IPs or not. Otherwise, we'll implement them. We're still in the analysis phase for AWS Security Hub, though, so we'll be able to give a more accurate comment on stability after we complete our report.

Currently, I'd say AWS Security Hub technical support is good.

There was no complaint about the implementation of AWS Security Hub. It was easy to implement.

I'm not part of the central team, so I have no information on the pricing for AWS Security Hub.

My company works with AWS Security Hub.

I'm working with the latest version of AWS Security Hub, deployed on the private cloud, AWS.

My team is still evaluating AWS Security Hub, as it's only been six months since my company started using it.

Around fifty to sixty projects use AWS Security Hub. In my project, there's one security staff in charge of maintenance. There'll also be a central team or a complete, dedicated security team that will oversee the maintenance of the AWS Security Hub. That team will have ten to twelve members looking after multiple company accounts.

Though I'm still in the initial evaluation phase for AWS Security Hub, I would recommend it to others because it has good features. Still, you need to understand better the various features available to get the maximum benefits from AWS Security Hub.

My rating for AWS Security Hub is seven out of ten.

My company develops products and onboards customers to AWS Security Hub.

I'm part of the implementation team.

AWS Security Hub helps us in centralizing all the different types of findings we have. We can view all the vulnerability findings, configuration issues, or security best practices. We have a consolidated view of an AWS account from a security point of view which is very good.

AWS Security Hub has very good integration features. It allows for AWS native services integration, and it helps us to integrate some of the services outside of AWS. They have partners, such as Amazon Preferred Network Partners (APN). If you have different security tools around APN, we can integrate those findings with AWS Security Hub reducing the need to refer to different portals or different UIs. You can have AWS Security Hub act as a single common go-to dashboard.

AWS Security Hub could improve by having more integration and flexibility with other cloud security solutions on the market. They have integration with AWS solutions and other commercial solutions but not ones that are open-source. If we have more of an open-source integration availability it would be great. 

The user interface, graphs, and dashboards of the solution could improve in the future. They are not very sophisticated and could use an update.

I have been using AWS Security Hub for approximately four years.

The solution is stable.

The technical support is good in my experience, they have been prompt with their service.

The initial setup is very easy and straightforward.

The price of the solution is not very competitive but it is reasonable.

I rate AWS Security Hub an eight out of ten.

I'm a user of this solution and a sales engineer.

The solution is very good at detection and providing real-time alerts.

I think post-share management can be extended further, closer to the data. The solution is not wholly self-sufficient. It would be great if they could make it a multi-cloud solution.

I've been using this solution for one year. 

The solution is stable. 

The solution is scalable. 

They provide good technical support. 

The initial setup is simple but not overly simple. There is still some work to do there. 

I'm satisfied with the pricing.

I would suggest not relying on the cloud provider only. There are other third-party tools that can help with future strategies. Locking into one vendor can create problems and it's a good idea to use security tools from a third party and have multi-hybrid cloud.

I rate the solution seven out of 10. 

This solution is for security posture management for the cloud. It will show the security posture of your cloud infrastructure. It can be used for mapping and it can give you a good insight into whether your infrastructure is secure or not. 

Finding out if your infrastructure is secure is a valuable feature.

The solution will only give you insight if you have configure rule enabled. It should work more like Prisma Cloud and Dome9 which have a better approach. 

The product should not be a region restriction product. It should be global. It should give you the visibility of all the instances that you have for one account, be it in one region or many regions. There should be visibility of all the region in one place.

I have been using the solution for two years.

I had no issues with the stability of the solution.

We have contacted the technical team regarding removing the global restrictions in the product. They have advised us that this is in their roadmap for the future. We have worked with them closely on many issues.

I rate AWS Security Hub a seven out of ten.