AWS Security Hub gives users a comprehensive view of your high-priority security alerts and security posture across AWS accounts. With Security Hub, users have a single place that aggregates, organizes, and prioritizes security alerts, or findings, from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, Amazon Macie, AWS Identity and Access Management (IAM) Access Analyzer, and AWS Firewall Manager, as well as from AWS Partner solutions.
A de minimis incentive was given to thank the reviewer for their time. The incentive was not used to bias or drive a particular response, nor was the incentive contingent on a positive endorsement. More Info
A de minimis incentive was given to thank the reviewer for their time. The incentive was not used to bias or drive a particular response, nor was the incentive contingent on a positive endorsement. More Info
Senior Software Engineering in Engineering at Censius (11-50 employees employees)
Use Cases and Deployment Scope
For our product security and data privacy is very critical. We needed to have a check on all aspects of vulnerability in system. Our in-house team was not that much expert to check for all the critical security aspects of the product. We wanted something managed and takes care of our security. For us AWS Security Hub has been very helpful solution to take care of our secuity issues.
Pros
Compliance Checks - We required a PCIDSS compliant cloud server and AWS had it already ready to use which reduced our go to market time.
It also gave us good recommendations about if we have configured our security groups incorrectly then it allowed us to fix this.
Multi-region security hub on one dashboard
Cons
Detailed reporting can be improved to help fixing issues and better root cause analysis.
Account setting up for new users in security groups is little complicated could have been a simple onboarding process.
The ready to use compliant friendly resources are there but they don't allow much customisation.
Return on Investment
The automated compliance test helped us a lot to get PCIDSS certified so it was a very good return for our investments.
Some third party tools we were using were not available for AWS Security Hub automated testing.
Easy to configure for faster security automations but if we need detailed reports we should add more tools.
A de minimis incentive was given to thank the reviewer for their time. The incentive was not used to bias or drive a particular response, nor was the incentive contingent on a positive endorsement. More Info
President in Engineering at Fluffex Studios (11-50 employees employees)
Use Cases and Deployment Scope
All software, regardless of what it is would benefits from strong security checks. AWS Security Hub does a great job at this for being a cloud security management service that have many outstanding features such as best practice checks, alerts for aggregation, and automated remedies where they see fit in your program.
Pros
Monitoring Malware and DDos attack
Strong technical support
Easy to integrate with AWS cloud
Cons
Very expensive. You would need a large budget for this
Improved dashboard that have better alerts
Required team to mitigate issue as a lot of notification will appear overtime and clog up the monitoring page
Most Important Features
Great at detecting DDOS & malware attack
Good monitoring GUI
Integration with AWS cloud
Return on Investment
Huge cost ($$$)
Lot of manpower required to mitigate issues
Great at security issue detection to prevent future lawsuits
A de minimis incentive was given to thank the reviewer for their time. The incentive was not used to bias or drive a particular response, nor was the incentive contingent on a positive endorsement. More Info
Senior Growth Product Manager in Product Management at WATI (51-200 employees employees)
Use Cases and Deployment Scope
AWS Security Hub has helped us improve security posture and reduce the risk of security breaches. The tools have helped with security visibility, compliance, threat detection, and incident response. AWS Security Hub provides a centralized view of our organization's security posture across their AWS environment, making it easier to identify potential security threats and vulnerabilities.
A de minimis incentive was given to thank the reviewer for their time. The incentive was not used to bias or drive a particular response, nor was the incentive contingent on a positive endorsement. More Info
Verified User
Program Manager in Information Technology (501-1000 employees employees)
Use Cases and Deployment Scope
We use AWS security hub to gain visibility into our high priority security events. We configure it for alerting on certain high risk activity from services like IAM, AWS Firewall Manager and AWS GuarDuty and also use it to check our existing AWS footprint against industry security standards like PCI, GLBA and others in or der to ensure we are compliant.
Pros
Alerting
Aggregation, organization and prioritization of security alerts and events
Third party integration
Cons
Not easy to read past data, especially once it moves into Glacier deep storage
performance is somewhat sluggish ... other systems are much faster to analyze data
Doesn't always provide a remediation solution or suggested fix like other 3rd party tools like Qualys.
It's hard to get the initial configuration and enrollment completed as there's a lot of manual intervention for every configured rule that needs to be enabled
alerts are often times delayed
Most Important Features
Accuracy ! Once rules are properly defined there are very few false positives
Ease of identifying trends
Technical support is excellent
Return on Investment
It helps to keep us compliant, which is a requirement in the financial industry
We have maintained a high security posture with the help of AWS Security Hub, without any security incidents.
I wouldn't say this is necessarily ROI but we have prevented potential data losses, brand damage and the financial cost of the aforementioned with the help of AWS Security Hub.
