We performed a comparison between AWS Security Hub and Singularity Cloud Security by SentinelOne based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM)."It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
"It has a lot of great features."
"I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"The product can integrate with any device."
"There are a lot of things you can explore as a user. You can even go and actively hunt for threats. You can go on the offensive rather than on the defensive."
"The UI of Sentinel is very good and easy to use, even for beginners."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"Finding out if your infrastructure is secure is a valuable feature."
"The most valuable feature of AWS Security Hub is the ability to track when monitoring is not enabled on any of my resources."
"The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud."
"The most valuable feature of the solution stems from the fact that it is easy to manage...It is a scalable solution."
"AWS Security Hub provides comprehensive alerts about potential compliance issues with CIS standards. The integration with third-party tools is another excellent feature. All our workloads are on AWS."
"It's a security posture management tool from AWS. Basically, it identifies misconfigurations, similar to Trusted Advisor but on a larger scale."
"I like that AWS Security Hub currently has several good features, around four or five. The technical support for AWS Security Hub is also responsive."
"Currently, our organization utilizes AWS for various purposes, including SaaS (Software as a Service), PaaS (Platform as a Service), and hosting applications in the cloud. We develop our applications and use AWS services as a platform for basic functions and secondary development needs. Additionally, we rely on PaaS for accounting services. Approximately, 50% of our applications are hosted in the cloud environment, making it a significant part of our current setup."
"Cloud Native Security helps us discover vulnerabilities in a cloud environment like open ports that allow people to attack our environment. If someone unintentionally opens a port, we are exposed. Cloud Native Security alerts us so we can remediate the problem. We can also automate it so that Cloud Native Security will fix it."
"It's positively affected the communication between cloud security, application developers, and AppSec teams."
"It is advantageous in terms of time-saving and cost reduction."
"The agentless vulnerability scanning is great."
"It used to guide me about an alert. There is something called an alert guide. I used to click on the alert guide, and I could read everything. I could read about the alert and how to resolve it. I used to love that feature."
"All the features we use are equal and get the job done."
"It is scalable, stable, and can detect any threat on a machine. It uses artificial intelligence and can lock down any virus."
"It is fairly simple. Anybody can use it."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"Sentinel's alerts and notifications are not fully optimized for mobile devices. The overall reporting and the analytics processes for the end user should also be improved. Also, the compatibility and availability of data sources and reports are not always perfect."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"The KQL query does not function effectively with Windows 11 machines, and in the majority of machine-based investigations, KQL queries are essential for organizing the data during investigations."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"AWS Security Hub should improve the time it takes to update. It takes a long period of time when updating. It can take 24 hours sometimes to update. Additionally, when integrating this solution with more security tools, takes time."
"The telemetry doesn't always go into the control center. When you have multiple instances running in AWS, you need a control tower to take feeds from Security Hub and analyze your results. Sometimes exemptions aren't passed between the control tower and Security Hub. The configuration gets mixed up or you don't get the desired results."
"We need more granular-level customizations to enable or disable the rules in AWS Security Hub."
"The solution lacks self-sufficiency."
"It's not user-friendly. Too much going on, too many unnecessary findings, not very visual. You can't do much compared to other similar tools that are cheaper and better."
"One aspect that could be improved in the solution is its adaptability to different markets and geopolitical restrictions. In certain regions like Thailand, specific services from certain countries or providers, such as AWS or Azure, might be limited or blocked. It also needs improvement in would require configuring the solution more adaptable to AWS infrastructure and function."
"It is not flexible for multi-cloud environments."
"From an improvement perspective, there is a need to add more compliance since, right now, AWS Security Hub only provides four to five compliances to control the tool."
"When we get a new finding from PingSafe, I wish we could get an alert in the console, so we can work on it before we see it in the report. It would be very useful for the team that is actively working on the PingSafe platform, so we can close the issue the same day before it appears in the daily report."
"Currently, we would have to export our vulnerability report to an .xlsx file, and review it in an Excel spreadsheet, and then we sort of compile a list from there. It would be cool if there was a way to actually toggle multiple applications for review and then see those file paths on multiple users rather than only one user at a time or only one application at a time."
"We are experiencing problems with Cloud Native Security reporting."
"The alerting system of the product is an area that I look at and sometimes get confused about. I feel the alerting feature needs improvement."
"The recommended actions aren't always specific, so it might suggest recommendations that don't apply to the particular infrastructure code I'm reviewing."
"Some of the navigation and some aspects of the portal may be a little bit confusing."
"We've found a lot of false positives."
"One area for improvement could be the internal analysis process, specifically the guidance provided for remediation."
More Singularity Cloud Security by SentinelOne Pricing and Cost Advice →
AWS Security Hub is ranked 8th in Security Information and Event Management (SIEM) with 16 reviews while Singularity Cloud Security by SentinelOne is ranked 5th in Cloud-Native Application Protection Platforms (CNAPP) with 67 reviews. AWS Security Hub is rated 7.6, while Singularity Cloud Security by SentinelOne is rated 8.6. The top reviewer of AWS Security Hub writes "A centralized dashboard that enables efficient monitoring and management of possible security issues". On the other hand, the top reviewer of Singularity Cloud Security by SentinelOne writes "Provides excellent workload telemetry, hunting capabilities, and deep visibility ". AWS Security Hub is most compared with Prisma Cloud by Palo Alto Networks, Wiz, Microsoft Defender for Cloud, Google Chronicle Suite and Oracle Security Monitoring and Analytics Cloud Service, whereas Singularity Cloud Security by SentinelOne is most compared with Prisma Cloud by Palo Alto Networks, Wiz, Orca Security, AWS GuardDuty and Qualys VMDR.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
