We performed a comparison between AWS GuardDuty and Threat Stack Cloud Security Platform based on real PeerSpot user reviews.
Find out what your peers are saying about Palo Alto Networks, Microsoft, Wiz and others in Cloud Workload Protection Platforms (CWPP)."It helps us detect brute-force attacks based on machine learning."
"The solution is easy to use."
"The way it monitors accounts is definitely a very important feature."
"Since our environment is cloud based and accessible from the internet, we like the ability to check where the user has logged in from and what kind of API calls that user is doing."
"The out-of-band malware detection from the EBS volumes. It's really cool. No agents or anything needed, it automatically finds and correlates based on malware."
"The product has automated protection powered by AI/ML, which is now far more powerful than before. It uses AI/ML in its detection algorithm, providing fast and quick results."
"With anomaly detection, active threat monitoring, and set correlation, GuardDuty alerts me to any unusual user behavior or traffic patterns right away, which is great for staying on top of potential security risks."
"It is a highly scalable solution since it is a service by AWS. Scalability-wise, I rate the solution a ten out of ten."
"It has been quite helpful to have the daily alerts coming to my email, as well as the Sev 1 Alerts... We just went through a SOX audit and those were pivotal."
"With Threat Stack, we quickly identified some AWS accounts which had services that would potentially be exposed and were able to remediate them prior to release of products."
"Every other security tool we've looked is good at containers, or at Kubernetes, is good at AWS, or at instance monitoring. But nobody is good at tying all of those things together, and that's really where Threat Stack shines."
"The rules are really great. They give us more visibility and control over what's being triggered. There's a large set of rules that come out-of-the-box. We can customize them and we can create our own rules based on the traffic patterns that we see."
"It is scalable. It deploys easily with curl and yum."
"Threat Stack has connectivity."
"The number-one feature is the monitoring of interactive sessions on our Linux machines. We run an immutable environment, so that nothing is allowed to be changed in production... We're constantly monitoring to make sure that no one is violating that. Threat Stack is what allows us to do that."
"Technical support is very helpful."
"Because it's a threat detection service, they need to keep up with the various threat factors because new threat factors and attack factors come up all the time."
"While sending the alerts to the email, they are not being patched. we have to do the patching and mapping manually. If GuardDuty could include a feature to do this automatically, it will make our job easier. That is something I believe can be improved."
"Some of the pain points in Amazon GuardDuty was the cost. When compared to some of the other services, depending on how many we had to monitor, if we had a huge range of accounts, as our accounts increased, we had a cost factor that came into play. Sometimes there were issues, for example, with findings that came up, we wanted to add notes and there were issues back then where notes couldn't be entered properly. If we wanted to leave a note such as "Okay, we have assessed this and this is how we feel", or "This is a false positive", Amazon GuardDuty wasn't allowing us to do that. Even with the suppression of certain findings, there was some issue that we had faced at one time. Those were some of the pain points of the solution."
"We currently find Lacework to be much better at detecting vulnerabilities than AWS GuardDuty. The engines of AWS GuardDuty have to be improved."
"Cost changes. It's very expensive. If you turn on every feature, it's more than most commercial vendors. For smaller orgs, that doesn't make sense."
"AWS GuardDuty sometimes shows false positives and should have better detection accuracy."
"Amazon GuardDuty could be better enriched in threat intelligence data."
"The solution's user interface could be improved because it will help users to understand multiple options."
"The user interface can be a little bit clunky at times... There's a lot of information that needs to be waded through, and the UI just isn't great."
"The reports aren't very good. We've automated the report generation via the API and replaced almost all the reports that they generate for us using API calls instead."
"I would like further support of Windows endpoint agents or the introduction of support for Windows endpoint agents."
"Some features do not work as expected."
"The solution’s ability to consume alerts and data in third-party tools (via APIs and export into S3 buckets) is moderate. They have some work to do in that area... The API does not mimic the features of the UI as far as reporting and pulling data out go. There's a big discrepancy there."
"The one thing that we know they're working on, but we don't have through the tool, is the application layer. As we move to a serverless environment, with AWS Fargate or direct Lambda, that's where Threat Stack does not have the capacity to provide feed. Those are areas that it's blind to now..."
"They could give a few more insights into security groups and recommendations on how to be more effective. That's getting more into the AWS environment, specifically. I'm not sure if that's Threat Stack's plan or not, but I would like them to help us be efficient about how we're setting up security groups. They could recommend separation of VPCs and the like - really dig into our architecture. I haven't seen a whole lot of that and I think that's something that, right off the bat, could have made us smarter."
"The compliance and governance need improvement."
More Threat Stack Cloud Security Platform Pricing and Cost Advice →
AWS GuardDuty is ranked 4th in Cloud Workload Protection Platforms (CWPP) with 19 reviews while Threat Stack Cloud Security Platform is ranked 28th in Cloud Workload Protection Platforms (CWPP). AWS GuardDuty is rated 8.2, while Threat Stack Cloud Security Platform is rated 8.2. The top reviewer of AWS GuardDuty writes "A stellar threat-detection service that has helped bolster security against malicious threats". On the other hand, the top reviewer of Threat Stack Cloud Security Platform writes "SecOps program for us, as a smaller company, is amazing; they know what to look for". AWS GuardDuty is most compared with Microsoft Defender for Cloud, Prisma Cloud by Palo Alto Networks, CrowdStrike Falcon Cloud Security, Wiz and Singularity Cloud Workload Security, whereas Threat Stack Cloud Security Platform is most compared with Darktrace, Palo Alto Networks URL Filtering with PAN-DB, Prisma Cloud by Palo Alto Networks, Qualys VMDR and Check Point CloudGuard CNAPP.
See our list of best Cloud Workload Protection Platforms (CWPP) vendors.
We monitor all Cloud Workload Protection Platforms (CWPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.