AWS Security Hub Pros and Cons

Monitoring is one part which is very essentials eg, VPC flow logs, s3 logs, API logs, system logs with aggregators etc . But analysing the logs as centralized hub , security hub provides the context. Along side coming to compliance , macie with its AI ML models , able to identify PII in S3. More that these, custome logs can also be formatter into ASAF using services like Lamba intervined. Which threat own threat intelligence capablitiy and custom integration to SIEM solution offers visibility across the environment. Apart from service, aws provides a lot of resources for industary standards and that keeps us upto date and skilled. Support is alwasys a second option , as I get everything from easy documented materials. Day to day getting used, gave a clear explames of scenarios where I can act upon a breach or an event with the available service. which helped me to understand the risks and what security controls are needed. Review collected by and hosted on G2.com.

Image recongnikition where photocopies of Sensitive information are elsewhere, not sure where to get the docs. But with few service capablities, was able to do it. Review collected by and hosted on G2.com.

Eventhough other security services in aws helps me in aggregate logs from events, and Macie for compliace buf fortunalety to be proactive instead of being reactive always security hub seems pretty friedly choice. Implementation and integration are easy and well documented. No worries about the support as AWS itself community friendly . For me its a daily routine. Review collected by and hosted on G2.com.

NA. But sometimes, finding scenario based setups are quite rare. Review collected by and hosted on G2.com.

IAM: AWS IAM provides fine-grained control over user permissions and supports multi-factor authentication (MFA), adding an extra layer of security.

Monitoring and threat detection are one of the best. I used services like Amazon GuardDuty and AWS Security Hub in our organization quite often. Review collected by and hosted on G2.com.

Integrating certain third-party security tools may pose challenges due to compatibility issues or the need for additional configuration.

Some users may find the AWS Cloud Security interface a bit confusing and not very user-friendly. Review collected by and hosted on G2.com.

AWS has good number of services which are best among all Cloud service providers for me like AWS Transist Gateway to support Hub and Spoke architecture, AWS WAF and Shield for L3,L4 & L7 attacks, AWS IAM, AWS Gurd duty, AWS Inspector etc Review collected by and hosted on G2.com.

AWS Shield advance service needs an improvement to protect from every type of DDoS attacks as it was failed twice to detect DDoS attacks and failed to protect our resources and systems where inaccessible during DDoS attack simulation Review collected by and hosted on G2.com.

All available CSPM standandards their result/score for each test along with remidation steps , which helps to fix the issue and improve compliance score Review collected by and hosted on G2.com.

Nothing as such to dislik , easy deployment single click with detailed output Review collected by and hosted on G2.com.

Comprehensive security suite: AWS offers a vast array of security tools and services, covering everything from access management to data encryption and threat detection. This one-stop shop simplifies security implementation and reduces the need for third-party solutions.

Granular control: AWS allows you to fine-tune security settings based on your specific needs and risk tolerance. This level of customization empowers organizations to build a security posture that aligns with their unique environment.

Compliance-focused: AWS provides built-in features and pre-configured compliance frameworks that help organizations meet industry regulations and internal policies. This can significantly streamline compliance audits and reporting processes. Review collected by and hosted on G2.com.

Complexity: The sheer breadth of AWS security offerings can be overwhelming for new users. Navigating the different services and understanding their interactions can be a steep learning curve, even for experienced IT professionals.

Pricing: While AWS offers a free tier for some services, many essential security features come at a cost. The pricing structure can be complex, making it difficult to accurately estimate and budget for security expenses.

Limited visibility: While AWS provides tools for monitoring and analyzing security events, the default dashboards can lack depth and customization options. For organizations with complex security needs, building comprehensive security reports may require additional tools or expertise. Review collected by and hosted on G2.com.

Aws security hub maintains security posture of the environment, It is a good tool for listing out all the high, low, medium priorty alerts and the remediation steps. It is integrated with all the services of aws like s2, cloudwatch, kms etc.It is very easy to use as All the alerts are at one place.we also have customer suppory available. Review collected by and hosted on G2.com.

I liked the product overall. There is no issue from my side. Review collected by and hosted on G2.com.

AWS provides a brief control over the infrastructure security, but two features i like the most are

1. AWS Security Hib.

Its a CSPM (Cloud Security Posture Management) solution for AWS that provides automated & continuous best practices security check on AWS resources.

2.AWS Amazon Inspector

It check the cloud apps & identify the vulnerabilities like Remote Code Execution, XSS and SQLi.

3. very good customer support

AWS customer support is very good for the customer handholding.

These features makes AWS one of the most secure cloud service. Review collected by and hosted on G2.com.

AWS cloud service has very good security features but the admin has to be well-versed with these advanced features to configure them properly and get the benefit. e.g. If S3 bucket or AMI are inappropriately configured they can make unauthorized users to access the critical org resources. A properly trained & certified admin should be assigned to configure the security features carefully. Complexity is enemy of security & trained resource is the key to avoid this threat. Ease of implementation and ease of use are the features that should be improved although a very good customer support makes this easier for new customers. Review collected by and hosted on G2.com.

Consolidated View: See all security findings from AWS services and integrations in one place.

Automated Insights: Gain prioritised risks based on severity and context.

Streamlined Remediation: Remediate vulnerabilities directly from security hub.

Cost Effective Review collected by and hosted on G2.com.

Alert Overload, Lack of native remediation, Limited Customizability, Integration complexity Review collected by and hosted on G2.com.

It reduces the effort to collect and prioritize security findings across accounts from integrated AWS services and AWS partner products Review collected by and hosted on G2.com.

Very expensive. You would need a large budget for this Review collected by and hosted on G2.com.