We performed a comparison between Amazon Inspector and OneTrust GRC based on real PeerSpot user reviews.
Find out in this report how the two IT Vendor Risk Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The findings dashboards are neat and easy to understand, offering clear demarcations for different types of findings and detailed insights into specific vulnerabilities and their associated instances. It is not a place where everything is dumped together. It offers an easy-to-understand layout."
"The integration of Amazon Inspector with other AWS services has enhanced our security. Security Hub is a major asset because it allows us to centralize data from various AWS services. We can integrate third-party tools as well. It is just a single-click option."
"The automated vulnerability detection aspect is most valuable."
"The vulnerability discovery is valuable, and they also rank those vulnerabilities for you. So, you could rapidly attack some of the higher, severe vulnerabilities as they pop up, if they do pop up."
"One of the valuable features of this solution is it has the ability to review fourth and fifth parties to the nth degree."
"We receive notifications or cases and prioritize them accordingly, which helps us address issues promptly."
"It does help in the automation of our privacy impact assessments."
"Vendors can be assessed and rated out of the tool, and assessments can be scheduled for updates at certain intervals."
"OneTrust GRC is stable."
"As a solution for IT risks, it is a very good product."
"The product helps us streamline audit and incident management processes."
"There isn't too much to improve right now. Scanning on demand or as a part of the pipeline versus a post pipeline solution would be good, but it is not a deal breaker by any means."
"One major area for improvement is remediation. My team works on remediating findings over time, likely using available patches. However, easier integration with Amazon's patching services would be very helpful."
"There is room for improvement in the scanning capabilities. I'd like to see broader coverage in terms of the vulnerabilities detected."
"It has a limited scope. So, AWS Inspector primarily focuses on the security of the EC2 instance. So, if your architecture includes other AWS services, then you may need to use additional tools for your comprehensive security assessment. So that is one con. Another is, like, we have a dependency on agents."
"They could improve by offering free help. A solution, a lot of times, is not just the use of the solution. For example, it is the overall engagement, how well do they support the system, what is their SLA, and how long their response time is to an issue. It would be beneficial if they had some type of professional services where they offer the first five hours of professional services a year for free. That would be a substantial benefit rather than having to buy professional services or professional services packages."
"I haven't seen any return on investment using the solution. If I had the opportunity, I would use a different solution."
"OneTrust GRC's workflows aren't automated and need to be manually driven."
"We encounter difficulties creating multiple platforms or interfaces and manual processes for changing certain settings."
"The product is not that easy to set up."
"The Vendor Risk dashboard is quite basic today and not interactive, but improvements are in coming the next releases."
"There are limitations to customized workflow automation, and they need to increase both the available automation and the customized workflow."
Amazon Inspector is ranked 6th in IT Vendor Risk Management with 4 reviews while OneTrust GRC is ranked 3rd in IT Vendor Risk Management with 7 reviews. Amazon Inspector is rated 7.8, while OneTrust GRC is rated 7.6. The top reviewer of Amazon Inspector writes "Primarily focuses on security of EC2 instances, provides point-in-time assessments rather than real time protection but provides automated vulnerability detection". On the other hand, the top reviewer of OneTrust GRC writes "Costly solution that may not guarantee ROI, but remains effective in IT risk management ". Amazon Inspector is most compared with Tenable Vulnerability Management, Tenable Nessus, Microsoft Defender for Cloud, Tenable Cloud Security and JFrog Xray, whereas OneTrust GRC is most compared with RSA Archer, ProcessUnity, AuditBoard, Workiva Wdesk and LogicGate. See our Amazon Inspector vs. OneTrust GRC report.
See our list of best IT Vendor Risk Management vendors.
We monitor all IT Vendor Risk Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
