Consultant at a tech services company with 11-50 employees
Reseller
2020-05-27T12:39:12Z
May 27, 2020
CloudWatch is great, but it's not enough on its own. CloudWatch provides some limited alerting capabilities, but this is nothing like a true correlation engine or behavioral anomaly detection engine. You really need to feed your CloudWatch data into a SIEM or UEBA to get the most value from those logs. Also note that many of the logs that get fed into CloudWatch could also be fed directly to a SIEM via other means like syslog or agents, so you should consider what requirements you need to fulfill and where you'll get the best value for your money.
Search for a product comparison in Security Information and Event Management (SIEM)
Security is changing, they finding always new possibilities to break in. AWS Cloudwatch is more monitoring and log analytics tool, while a SIEM is more a security tool. So yes if your business is important an can not have a long downtime. The combination is better.
Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM). Updated: April 2024.
CloudWatch is great, but it's not enough on its own. CloudWatch provides some limited alerting capabilities, but this is nothing like a true correlation engine or behavioral anomaly detection engine. You really need to feed your CloudWatch data into a SIEM or UEBA to get the most value from those logs. Also note that many of the logs that get fed into CloudWatch could also be fed directly to a SIEM via other means like syslog or agents, so you should consider what requirements you need to fulfill and where you'll get the best value for your money.
Security is changing, they finding always new possibilities to break in. AWS Cloudwatch is more monitoring and log analytics tool, while a SIEM is more a security tool. So yes if your business is important an can not have a long downtime. The combination is better.