AWS Security Hub vs Logz.io comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo
33,792 views|18,846 comparisons
Amazon Web Services (AWS) Logo
8,658 views|7,156 comparisons
Logz.io Logo
875 views|605 comparisons
Comparison Buyer's Guide
Executive Summary

We performed a comparison between AWS Security Hub and Logz.io based on real PeerSpot user reviews.

Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed AWS Security Hub vs. Logz.io Report (Updated: March 2024).
765,234 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store""Microsoft Sentinel comes preloaded with templates for teaching and analytics rules.""I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products.""The UI of Sentinel is very good and easy to use, even for beginners.""If you know how to do KQL (kusto query language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications.""The Log analytics are useful.""The dashboard that allows me to view all the incidents is the most valuable feature.""The connectivity and analytics are great."

More Microsoft Sentinel Pros →

"Very good at detection and providing real-time alerts.""Finding out if your infrastructure is secure is a valuable feature.""The most valuable feature of AWS Security Hub is the ability to track when monitoring is not enabled on any of my resources.""I like that AWS Security Hub currently has several good features, around four or five. The technical support for AWS Security Hub is also responsive.""AWS Security Hub provides comprehensive alerts about potential compliance issues with CIS standards. The integration with third-party tools is another excellent feature. All our workloads are on AWS.""The best feature of AWS Security Hub is that you can get compliance or your cloud's current security posture.""The platform has valuable features for security.""I find all of the features to be highly valuable."

More AWS Security Hub Pros →

"InsightOne is the main reason why we use LogMeIn. This is mostly because of log data that we are pushing tools and logs in general.""The visualizations in Kibana are the most valuable feature. It's much more convenient to have a visualization of logs. We can see status really clearly and very fast, with just a couple of clicks.""It is massively useful and great for testing. We can just go, find logs, and attach them easily. It has a very quick lookup. Whereas, before we would have to go, dig around, and find the server that the logs were connected to, then go to the server, download the log, and attach it. Now, we can just go straight to this solution, type in the log ID and server ID, and obtain the information that we want.""The query mechanism for response codes and application health is valuable.""We use the tool to track the dev and production environment.""The tool is simple to setup where it is just plug and play. The tool is reliable and we never had any performance issues.""The other nice thing about Logz.io is their team. When it comes to onboarding, their support is incredibly proactive. They bring the brand experience from a customer services perspective because their team is always there to help you refine filters and tweak dashboards. That is really a useful thing to have. Their engagement is really supportive.""We use the product for log collection and monitoring."

More Logz.io Pros →

Cons
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it.""Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized.""The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook.""When we pass KPIs to the governance department, there's no option to provide rights to the data or dashboard to colleagues. We can use Power BI for this, but it isn't easy or convenient. They should just come up with a way to provide limited role-based access to auditing personnel""There is room for improvement in entity behavior and the integration site.""They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization.""The product can be improved by reducing the cost to use AI machine learning.""Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."

More Microsoft Sentinel Cons →

"The user interface, graphs, and dashboards of the solution could improve in the future. They are not very sophisticated and could use an update.""Adding SIEM features would be beneficial because of the limited customization of AWS Security Hub.""The telemetry doesn't always go into the control center. When you have multiple instances running in AWS, you need a control tower to take feeds from Security Hub and analyze your results. Sometimes exemptions aren't passed between the control tower and Security Hub. The configuration gets mixed up or you don't get the desired results.""From an improvement perspective, there is a need to add more compliance since, right now, AWS Security Hub only provides four to five compliances to control the tool.""It's not user-friendly. Too much going on, too many unnecessary findings, not very visual. You can't do much compared to other similar tools that are cheaper and better.""Whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved. In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility.""Security needs to be measured based on their own criteria. We can't add custom criteria specific to our organization. For example, having an S3 bucket publicly available might be flagged as a critical alert, but it might not be critical in a sandbox environment. So, it gets flagged as critical, which becomes a false positive. So, customization options and creating custom dashboards would be areas for improvement.""AWS Security Hub's configuration and integration are areas where it lacks and needs to improve."

More AWS Security Hub Cons →

"When it comes to reducing our troubleshooting time, it depends. When there are no bugs in Logz.io, it reduces troubleshooting by 5 to 10 percent. When there are bugs, it increases our troubleshooting time by 200 percent or more.""The solution needs to improve its data retention. It should be greater than seven days. The product needs to improve its documentation as well.""The product needs improvement from a filtering perspective.""The price can be cheaper and they should have better monitoring.""I would like them to improve how they manage releases. Some of our integrations integrate specifically with set versions. Logz.io occasionally releases an update that might break that integration. On one occasion, we found out a little bit too late, then we had to roll it back.""Capacity planning could be a little bit of a struggle.""The solution needs to expand its access control and make it accessible through API.""I would like granularity on alerting so we can get tentative alerts and major alerts, then break it down between the two."

More Logz.io Cons →

Pricing and Cost Advice
  • "It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else."
  • "It is a consumption-based license model. bands at 100, 200, 400 GB per day etc. Azure Sentinel Pricing | Microsoft Azure"
  • "Good monthly operational cost model for the detection and response outcomes delivered, M365 logs don't count toward the limits which is a good benefit."
  • "I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."
  • "It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."
  • "I am just paying for the log space with Azure Sentinel. It costs us about $2,000 a month. Most of the logs are free. We are only paying money for Azure Firewall logs because email logs or Azure AD logs are free to use for us."
  • "Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."
  • "Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."
  • More Microsoft Sentinel Pricing and Cost Advice →

  • "The price of the solution is not very competitive but it is reasonable."
  • "The price of AWS Security Hub is average compared to other solutions."
  • "The pricing is fine. It is not an expensive tool."
  • "AWS Security Hub's pricing is pretty reasonable."
  • "There are multiple subscription models, like yearly, monthly, and packaged."
  • "AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."
  • "Security Hub is not an expensive solution."
  • More AWS Security Hub Pricing and Cost Advice →

  • "You pay for what you need, and that is a good model. They are also quite happy to talk to you about your uses and your use case. They will even go as far as suggesting things that you don't need to do in order to save you money. At one point, I was quite surprised at how cheap it could be if we wanted it to be or how much they would help us manage our costs."
  • "At the time it was set up, we thought Logz.io was very reasonable for what we were getting in terms of how much time and hosting costs it was saving us, because you don't have to run the servers for it anymore."
  • "The tool is an open source product."
  • "The product's pricing is cheaper than other solutions."
  • "The product is a little expensive."
  • More Logz.io Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    765,234 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and… more »
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for… more »
    Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is… more »
    Top Answer:I really like the seamless integration with the AWS account structure. It can even be made mandatory as part of the… more »
    Top Answer:There is room for improvement in a couple of things. One is that the dashboard isn't very customizable. Another is that… more »
    Top Answer:I use it for security posture management.
    Top Answer:The query mechanism for response codes and application health is valuable.
    Top Answer:The product is a little expensive. We're pushing 17 TB. It costs us one and a half million dollars a year.
    Top Answer:Capacity planning could be a little bit of a struggle. The product must add some AI capabilities to learn from previous… more »
    Comparisons
    Also Known As
    Azure Sentinel
    Logz
    Learn More
    Overview

    Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

    - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

    - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

    - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

    - Respond to incidents rapidly with built-in orchestration and automation of common tasks

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts. 

    The service offers a range of features including continuous monitoring, threat intelligence integration, and customizable dashboards. It also provides automated insights and recommendations to help users improve their security posture. Security Hub integrates with other AWS services like Amazon GuardDuty, AWS Config, and AWS Macie to provide a unified security experience. Additionally, it supports integration with third-party security tools through its API, allowing users to leverage their existing security investments. 

    With its user-friendly interface and powerful capabilities, AWS Security Hub is a valuable tool for organizations looking to enhance their security and compliance posture in the cloud.

    Logz.io is a leading cloud-native observability platform that enables engineers to use the best open source tools in the market without the complexity of operating, managing, and scaling them. Logz.io offers four products: Log Management built on ELK, Infrastructure Monitoring based on Prometheus, Distributed Tracing based on Jaeger, and an ELK-based Cloud SIEM. These are offered as fully managed, integrated cloud services designed to help engineers monitor, troubleshoot and secure their distributed cloud workloads more effectively. Engineering driven companies like Siemens, Unity and ZipRecruiter use Logz.io to simplify monitoring and security workflows, increasing developer productivity, reducing time to resolve issues, and increasing the performance and security of their mission-critical applications.

    Sample Customers
    Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
    Edmunds, Frame.io, GoDaddy, Realtor.com
    Dish Network, The Economist, Forbes, Holler, Kenshoo, OneSpan, Siemens, Sisense, Unity, ZipRecruiter
    Top Industries
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company11%
    Manufacturing Company8%
    Comms Service Provider8%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm10%
    Government9%
    Manufacturing Company7%
    REVIEWERS
    Computer Software Company17%
    Financial Services Firm17%
    Music Company8%
    Media Company8%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm13%
    Manufacturing Company8%
    Government7%
    REVIEWERS
    Comms Service Provider29%
    Healthcare Company14%
    Computer Software Company14%
    Financial Services Firm14%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Comms Service Provider11%
    Financial Services Firm11%
    Healthcare Company8%
    Company Size
    REVIEWERS
    Small Business33%
    Midsize Enterprise21%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise16%
    Large Enterprise60%
    REVIEWERS
    Small Business40%
    Midsize Enterprise13%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise13%
    Large Enterprise65%
    REVIEWERS
    Small Business30%
    Midsize Enterprise10%
    Large Enterprise60%
    VISITORS READING REVIEWS
    Small Business32%
    Midsize Enterprise12%
    Large Enterprise57%
    Buyer's Guide
    AWS Security Hub vs. Logz.io
    March 2024
    Find out what your peers are saying about AWS Security Hub vs. Logz.io and other solutions. Updated: March 2024.
    765,234 professionals have used our research since 2012.

    AWS Security Hub is ranked 8th in Security Information and Event Management (SIEM) with 14 reviews while Logz.io is ranked 25th in Security Information and Event Management (SIEM) with 8 reviews. AWS Security Hub is rated 7.4, while Logz.io is rated 8.2. The top reviewer of AWS Security Hub writes "A centralized dashboard that enables efficient monitoring and management of possible security issues". On the other hand, the top reviewer of Logz.io writes "The solution is a consistent logging platform that provides excellent query mechanisms". AWS Security Hub is most compared with Prisma Cloud by Palo Alto Networks, Wiz, Microsoft Defender for Cloud, Splunk Enterprise Security and Oracle Security Monitoring and Analytics Cloud Service, whereas Logz.io is most compared with Datadog, Wazuh, Coralogix, Splunk Enterprise Security and Graylog. See our AWS Security Hub vs. Logz.io report.

    See our list of best Security Information and Event Management (SIEM) vendors.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.