We performed a comparison between AWS Security Hub and Google Chronicle Suite based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"We have no complaints about the features or functionality."
"The UI of Sentinel is very good and easy to use, even for beginners."
"The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources."
"The best feature is that onboarding to the SIM solution is quite easy. If you are using cloud-based solutions, it's just a few clicks to migrate it."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"AWS Security Hub provides comprehensive alerts about potential compliance issues with CIS standards. The integration with third-party tools is another excellent feature. All our workloads are on AWS."
"Finding out if your infrastructure is secure is a valuable feature."
"Cloudposse is a valuable feature as it guarantees my security."
"The most valuable feature of the solution stems from the fact that it is easy to manage...It is a scalable solution."
"The solution shows us our compliance score."
"The platform has valuable features for security."
"Currently, our organization utilizes AWS for various purposes, including SaaS (Software as a Service), PaaS (Platform as a Service), and hosting applications in the cloud. We develop our applications and use AWS services as a platform for basic functions and secondary development needs. Additionally, we rely on PaaS for accounting services. Approximately, 50% of our applications are hosted in the cloud environment, making it a significant part of our current setup."
"The most valuable feature of AWS Security Hub is the ability to track when monitoring is not enabled on any of my resources."
"The platform's most valuable features are multiple connectors and data output flexibility regarding dashboards and user experience."
"What sets Chronicle apart from other solutions is its emphasis on threat hunting rather than solely serving as a monitoring tool."
"Google Chronicle Suite is a highly scalable solution with good search capabilities."
"The support team is responsive."
"The log folder is fairly simple."
"The tool's most valuable feature is the search option, allowing easy navigation."
"The product's most valuable feature is threat hunting. We can detect the threats directly from the console from the past data as well."
"Google Chronicle Suite provides useful APIs."
"We'd like to see more connectors."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to."
"I would like to see more AI used in processes."
"The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel."
"Given that I am in the small business space, I wish they would make it easier to operate Sentinel without being a Sentinel expert. Examples of things that could be easier are creating alerts and automations from scratch and designing workbooks."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"I can't think of anything other than just getting the name out there. I think a lot of customers don't fully understand the full capabilities of Azure Sentinel yet. It is kind of like when they're first starting to use Azure, it might not be something they first think about. So, they should just kind of get to the point where it is more widely used."
"The support must be quicker."
"AWS Security Hub should improve the time it takes to update. It takes a long period of time when updating. It can take 24 hours sometimes to update. Additionally, when integrating this solution with more security tools, takes time."
"Although AWS Security Hub does a periodic scan of your overall infrastructure, it doesn't do it in real time."
"Adding SIEM features would be beneficial because of the limited customization of AWS Security Hub."
"Security needs to be measured based on their own criteria. We can't add custom criteria specific to our organization. For example, having an S3 bucket publicly available might be flagged as a critical alert, but it might not be critical in a sandbox environment. So, it gets flagged as critical, which becomes a false positive. So, customization options and creating custom dashboards would be areas for improvement."
"From an improvement perspective, there is a need to add more compliance since, right now, AWS Security Hub only provides four to five compliances to control the tool."
"We need more granular-level customizations to enable or disable the rules in AWS Security Hub."
"AWS Security Hub's configuration and integration are areas where it lacks and needs to improve."
"A few areas are difficult to understand for someone who has less experience using the product."
"The configuration is not optimal."
"The tool needs to improve tasking packages. Its GUI needs to be improved. The product needs to include time-based filtration. We can only see the alert detection timeline now."
"The solution's graphical user interface (GUI) should be more user-friendly."
"The tool is a little bit difficult to use compared to Microsoft Sentinel."
"In terms of improvement, the UI can be a bit challenging for beginners."
"The tool is complicated for a first-time user. It should also include newer APIs."
"The product's default dashboard feature has a few limitations regarding availability."
AWS Security Hub is ranked 9th in Security Information and Event Management (SIEM) with 16 reviews while Google Chronicle Suite is ranked 29th in Security Information and Event Management (SIEM) with 8 reviews. AWS Security Hub is rated 7.6, while Google Chronicle Suite is rated 7.8. The top reviewer of AWS Security Hub writes "A centralized dashboard that enables efficient monitoring and management of possible security issues". On the other hand, the top reviewer of Google Chronicle Suite writes "Swiftly navigates and analyzes extensive datasets without significant delays ". AWS Security Hub is most compared with Prisma Cloud by Palo Alto Networks, Wiz, Microsoft Defender for Cloud, Splunk Enterprise Security and Oracle Security Monitoring and Analytics Cloud Service, whereas Google Chronicle Suite is most compared with Splunk Enterprise Security, Sentinel, IBM Security QRadar, Rapid7 InsightIDR and Elastic Security. See our AWS Security Hub vs. Google Chronicle Suite report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
