We performed a comparison between AWS Security Hub and Tenable.sc based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Tenable.sc provides precise identification of vulnerabilities, compliance and vulnerability scans, and a risk-oriented methodology. On the other hand, AWS Security Hub receives commendation for its integration capabilities, immediate alerts, and thorough notifications regarding potential compliance concerns. Tenable.sc and AWS Security Hub both have areas where they could improve. Tenable.sc needs to work on their penetration testing, pricing, ticketing, GUI, reporting, vendor training, and accuracy of vulnerability assessments. AWS Security Hub requires more integration options, better UI, multi-cloud compatibility, faster updates, and easier configuration.
Service and Support: Tenable.sc's customer service has received mixed feedback, with varying levels of helpfulness. In comparison, AWS Security Hub's support is praised for being prompt and good.
Ease of Deployment: Tenable.sc's initial setup is praised for being simple and quick, with the cloud version taking only one day and the on-prem version taking two to three weeks. Meanwhile, AWS Security Hub's setup is also considered easy, though it does involve policy configuration and some upkeep.
Pricing: Tenable.sc charges based on the number of IP addresses and has mixed opinions on pricing, while AWS Security Hub has reasonable pricing.
ROI: Tenable.sc is cost-effective and offers a guaranteed ROI with a significant reduction in manpower costs. In contrast, AWS Security Hub does not provide the same level of value, despite offering a positive outcome.
Comparison Results: Tenable.sc is seen as the superior choice when compared to AWS Security Hub by users. This is due to its extensive features, including accurate vulnerability detection, compliance and vulnerability scans, and a risk-based approach. Tenable.sc also provides advanced scanning, asset discovery, and scoring, which are not found in AWS Security Hub. Although AWS Security Hub is praised for its integration capabilities and real-time alerts, Tenable.sc's analysis, prioritization, and usability features make it a more valuable tool for vulnerability analysis and remediation progress tracking.
"The first thing that stood out was the ease of installation and the quick value we got out of the solution."
"With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment."
"The vulnerability management modules and the discovery and inventory are the most valuable features. Before using Wiz, it was a very manual process for both. After implementing it, we're able to get all of the analytics into a single platform that gives us visibility across all the systems in our cloud. We're able to correspond and understand what the vulnerability landscape looks like a lot faster."
"Our most important features are those around entitlement, external exposure, vulnerabilities, and container security."
"I like Wiz's reporting, and it's easy to do queries. For example, it's pretty simple to find out how many servers we have and the applications installed on each. I like Wiz's security graph because you can use it to see the whole organization even if you have multiple accounts."
"The product supports out-of-the-box reporting with context about the asset and allows us to perform complex custom queries on UI."
"The automation roles are essential because we ultimately want to do less work and automate more. The dashboards are easy to read and visually pleasing. You can understand things quickly, which makes it easy for our other teams. The network and infrastructure teams don't know as much about security as we do, so it helps to have a tool that's accessible and nice to look at."
"The security baseline and vulnerability assessments is the valuable feature."
"I find all of the features to be highly valuable."
"I really like the seamless integration with the AWS account structure. It can even be made mandatory as part of the landing zone. These are great features. And there's a single pane of glass for the entire account."
"It's a security posture management tool from AWS. Basically, it identifies misconfigurations, similar to Trusted Advisor but on a larger scale."
"I like that AWS Security Hub currently has several good features, around four or five. The technical support for AWS Security Hub is also responsive."
"Currently, our organization utilizes AWS for various purposes, including SaaS (Software as a Service), PaaS (Platform as a Service), and hosting applications in the cloud. We develop our applications and use AWS services as a platform for basic functions and secondary development needs. Additionally, we rely on PaaS for accounting services. Approximately, 50% of our applications are hosted in the cloud environment, making it a significant part of our current setup."
"The most valuable feature of AWS Security Hub is the ability to track when monitoring is not enabled on any of my resources."
"Cloudposse is a valuable feature as it guarantees my security."
"The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud."
"Compliance and vulnerability scans are most valuable. Compliance scan helps in validating how our teams are complying, and vulnerability scan helps in future-proofing. Its vulnerability detection is accurate."
"It basically reviews our threat landscape vulnerability."
"We really love the Security Center dashboard. It basically performs vulnerability scanning and then outputs a vulnerability data."
"The tool gives us fewer false positives. Compared to its competitors, the solution’s reports are more accurate."
"Tenable.sc's best features are the availability model, accident management, and scoring."
"The solution is one of the most, if not the most, stable product available."
"Feature-wise, Tenable Security Center is a very fast tool with many dashboards and reports, and it covers all our systems."
"The most valuable features of Tenable SC are scanning, reporting, dashboards, and automation."
"The only thing that needs to be improved is the number of scans per day."
"The reporting isn't that great. They have executive summaries, but it's only a compliance report that maps all current issues to specific controls. Whether you look at one subscription or project, regardless of the size, you will get a multipage report on how the issues in that account map to that control. Our CSO isn't going to read through that. He won't filter that out or show that to his leadership and say, "Here's what we're doing." It isn't a helpful report. They're working on it, but it's a poor executive summary."
"The remediation workflow within the Wiz could be improved."
"The solution's container security could be improved."
"We wish there were a way, beyond providing visibility and automated remediation, to wait on a given remediation, due to a critical aspect, such as the cost associated with a particular upgrade... We would like to see preventive controls that can be applied through Wiz to protect against vulnerabilities that we're not going to be able to remediate immediately."
"Given the level of visibility into all the cloud environments Wiz provides, it would be nice if they could integrate some kind of mechanism to better manage tenants on multiple platforms. For example, let's say that some servers don't have an application they need, such as an antivirus. Wiz could include an API or something to push those applications out to the servers. It would be great if you could remedy these issues directly from the Wiz platform."
"The only small pain point has been around some of the logging integrations. Some of the complexities of the script integrations aren't supported with some of the more automated infrastructure components. So, it's not as universal. For example, they have great support for cloud formation and other services, but if you're using another type of management utility or governance language for your infrastructure-as-code automation components, it becomes a little bit trickier to navigate that."
"We would like to see improvements to executive-level reporting and data reporting in general, which we understand is being rolled out to the platform."
"We need more granular-level customizations to enable or disable the rules in AWS Security Hub."
"AWS Security Hub's configuration and integration are areas where it lacks and needs to improve."
"Although AWS Security Hub does a periodic scan of your overall infrastructure, it doesn't do it in real time."
"The support must be quicker."
"Adding SIEM features would be beneficial because of the limited customization of AWS Security Hub."
"The solution lacks self-sufficiency."
"AWS Security Hub should improve the time it takes to update. It takes a long period of time when updating. It can take 24 hours sometimes to update. Additionally, when integrating this solution with more security tools, takes time."
"The user interface, graphs, and dashboards of the solution could improve in the future. They are not very sophisticated and could use an update."
"At times we have had the typical bugs."
"The reporting needs a lot of work on the template."
"Security can always be improved."
"Certain aspects require manual effort, such as exporting and analyzing data for our dashboards. The built-in components of the Tenable solution are somewhat clumsy that require external tools. So, this is an area of improvement."
"In terms of configuration, there is some level of flexibility that we are not able to achieve."
"Tenable's reporting engine needs improvement. It needs to be more efficient and add more features."
"The product should provide risk-based vulnerability management."
"The product could be user-friendly, and they could enhance the web application's security features."
AWS Security Hub is ranked 14th in Cloud Security Posture Management (CSPM) with 16 reviews while Tenable Security Center is ranked 10th in Cloud Security Posture Management (CSPM) with 48 reviews. AWS Security Hub is rated 7.6, while Tenable Security Center is rated 8.2. The top reviewer of AWS Security Hub writes "A centralized dashboard that enables efficient monitoring and management of possible security issues". On the other hand, the top reviewer of Tenable Security Center writes "A security solution for vulnerability assessment with automated scans". AWS Security Hub is most compared with Microsoft Sentinel, Prisma Cloud by Palo Alto Networks, Microsoft Defender for Cloud, Splunk Enterprise Security and Lacework, whereas Tenable Security Center is most compared with Tenable Vulnerability Management, Qualys VMDR, Tenable Nessus, Rapid7 InsightVM and Prisma Cloud by Palo Alto Networks. See our AWS Security Hub vs. Tenable Security Center report.
See our list of best Cloud Security Posture Management (CSPM) vendors.
We monitor all Cloud Security Posture Management (CSPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.