We performed a comparison between AWS Security Hub and ClearSkies SaaS NG SIEM based on real PeerSpot user reviews.
"Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually."
"It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"The analytic rule is the most valuable feature."
"Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions."
"The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"The UI of Sentinel is very good and easy to use, even for beginners."
"It's a security posture management tool from AWS. Basically, it identifies misconfigurations, similar to Trusted Advisor but on a larger scale."
"Finding out if your infrastructure is secure is a valuable feature."
"I really like the seamless integration with the AWS account structure. It can even be made mandatory as part of the landing zone. These are great features. And there's a single pane of glass for the entire account."
"Very good at detection and providing real-time alerts."
"I find all of the features to be highly valuable."
"The best feature of AWS Security Hub is that you can get compliance or your cloud's current security posture."
"Cloudposse is a valuable feature as it guarantees my security."
"The platform has valuable features for security."
"The correlation rules and the user platform are most valuable."
"Only one thing is missing: NDR is not available out-of-the-box. The competitive cloud-native SIEM providers have the NDR component. Currently, Sentinel needs NDR to be powered from either Corelight or some other NDR provider."
"There is room for improvement in entity behavior and the integration site."
"The reporting could be more structured."
"One key area that can be improved is by building a strong integration with our XDR platform."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"Adding SIEM features would be beneficial because of the limited customization of AWS Security Hub."
"We need more granular-level customizations to enable or disable the rules in AWS Security Hub."
"AWS Security Hub should improve the time it takes to update. It takes a long period of time when updating. It can take 24 hours sometimes to update. Additionally, integrating this solution with more security tools takes time."
"AWS Security Hub's configuration and integration are areas where it lacks and needs to improve."
"Although AWS Security Hub does a periodic scan of your overall infrastructure, it doesn't do it in real time."
"The support must be quicker."
"The solution lacks self-sufficiency."
"The telemetry doesn't always go into the control center. When you have multiple instances running in AWS, you need a control tower to take feeds from Security Hub and analyze your results. Sometimes exemptions aren't passed between the control tower and Security Hub. The configuration gets mixed up or you don't get the desired results."
"They can add behavior analytics and AI or machine learning technology. They also improve their correlation engine. In addition to collecting logs from devices, they can collect the traffic and then correlate these logs and the traffic information."
AWS Security Hub is ranked 9th in Security Information and Event Management (SIEM) with 16 reviews while ClearSkies SaaS NG SIEM is ranked 56th in Security Information and Event Management (SIEM). AWS Security Hub is rated 7.6, while ClearSkies SaaS NG SIEM is rated 8.0. The top reviewer of AWS Security Hub writes "A centralized dashboard that enables efficient monitoring and management of possible security issues". On the other hand, the top reviewer of ClearSkies SaaS NG SIEM writes "Good correlation rules, competitive pricing, and good stability". AWS Security Hub is most compared with Prisma Cloud by Palo Alto Networks, Wiz, Microsoft Defender for Cloud, Splunk Enterprise Security and Google Chronicle Suite, whereas ClearSkies SaaS NG SIEM is most compared with .
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.