AWS Security Hub gives users a comprehensive view of your high-priority security alerts and security posture across AWS accounts. With Security Hub, users have a single place that aggregates, organizes, and prioritizes security alerts, or findings, from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, Amazon Macie, AWS Identity and Access Management (IAM) Access Analyzer, and AWS Firewall Manager, as well as from AWS Partner solutions.
N/A
ManageEngine AlarmsOne
Score 8.0 out of 10
N/A
ManageEngine, a division of Zoho Corporation, offers AlarmsOne, an IT alert management software.
AWS Security Hub is mainly for protecting your software, video games, web application, etc... from external digital threats. This is a must for all software out there that can afford it. This also require a decent amount of resources to mitigate problems so that the monitoring page isn't overloaded. So overall, a large amount of budget and manpower is required to maintain this product.
It is best suited for Server Environments and Enterprises which have their IT infrastructure spread over a wide and different geographical location because since it is cloud based, monotoring can be be done from a single interface, it even comes with a mobile app so you dont allways have to be in fron of your laptop or Dasboard Screen to be able to do helth check or to have visibilty on occurences in the environment.
Not easy to read past data, especially once it moves into Glacier deep storage
performance is somewhat sluggish ... other systems are much faster to analyze data
Doesn't always provide a remediation solution or suggested fix like other 3rd party tools like Qualys.
It's hard to get the initial configuration and enrollment completed as there's a lot of manual intervention for every configured rule that needs to be enabled
AWS always good with usability and same here for AWS Security Hub. A lot of good documentation is available to read and configure your own. We also started with looking at the videos and documentation to configure automation for our compliance checks. And to configure there are very less steps to be followed which is a very good thing for faster configuration.
The user interface is extremelely user friendly despite the challenges we experienced during the setup stages, The real time monitoring is also worth complimenting, its like having a birds-eye view of your whole infrustructure and trust me our infrastructure is massive, spreading accross 3 continents. Aided with the mobile app, you can monitor your environment from almost anywhere at anytime. It allows for some degree of customisation so you can tune it to meet your specific needs.
AWS stacks up very similarly to Splunk but being that it's an AWS tool it is better able to natively monitor our AWS footprint, unlike splunk which requires an appliance and / or forwarding agent for it to work properly. The same can be said about some other tools like Dynatrace. Dynatrace has a much more pleasant user interface that the senior management seems to like more, but AWS Security Hub has better options, a more straightforward rules engine and is less expensive than both Splunk and Dynatrace
Its ability to intergrate with ticket logging systems certainly cuts the need for human resources to manually do health checks and lod tickets with service desk against the alerts raised.
Once set up, the dashboards are easy to understand even for non technical staff so there isnt need for too much to be invested in training.
It allows for customisation to suit our organisations specific business objectives.