AWS CloudTrail vs. AWS Security Hub

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
AWS CloudTrail
Score 8.6 out of 10
N/A
AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of an AWS account. With CloudTrail, users can log, continuously monitor, and retain account activity related to actions across AWS infrastructure. CloudTrail provides event history of AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services. This event history simplifies security analysis, resource change tracking,…N/A
AWS Security Hub
Score 9.0 out of 10
N/A
AWS Security Hub gives users a comprehensive view of your high-priority security alerts and security posture across AWS accounts. With Security Hub, users have a single place that aggregates, organizes, and prioritizes security alerts, or findings, from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, Amazon Macie, AWS Identity and Access Management (IAM) Access Analyzer, and AWS Firewall Manager, as well as from AWS Partner solutions.N/A
Pricing
AWS CloudTrailAWS Security Hub
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
AWS CloudTrailAWS Security Hub
Free Trial
YesNo
Free/Freemium Version
YesNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional DetailsYou can view, filter, and download the most recent 90 days of your account activity for all management events in supported AWS services free of charge. You can set up a trail that delivers a single copy of management events in each region free of charge. Once a CloudTrail trail is set up, Amazon S3 charges apply based on your usage. You will be charged for any data events or additional copies of management events recorded in that region. In addition, you can choose CloudTrail Insights by enabling Insights events in your trails. CloudTrail Insights analyzes write management events, and you are charged based on the number of events that are analyzed in that region.
More Pricing Information
Community Pulse
AWS CloudTrailAWS Security Hub
Considered Both Products
AWS CloudTrail
Chose AWS CloudTrail
We mainly needed to focus on logging and auditing of AWS services and activity, while Datadog & New Relic are more about performance monitoring and analytics. Moreover, AWS CloudTrail has a seamless integration with AWS, since it's coming from one bucket of products. So having …
Chose AWS CloudTrail
For this specific functionality, I am not aware of any other product that can do what [AWS] Cloudtrail does.
We did not evaluate any other products.
Chose AWS CloudTrail
Our company has not used any alternatives. Within our industry, it seems that AWS CloudTrail is the defacto standard for this type of functionality within the AWS environment.
Chose AWS CloudTrail
I think in the end, CloudTrail has more features and you can dive deeper inside the logs so it depends on your usage and what you expect in the end to make the right choice, I would say that both tools are really useful and bring a lot of benefits to I.T. companies.
AWS Security Hub
Chose AWS Security Hub
AWS Security Hub is it's own unique program that I have used. I haven't used anything similar to it and it was worth it to try out. However, for those that want to keep for long, it will be very heavy in term of budget and resource that they have to provide.
Chose AWS Security Hub
AWS stacks up very similarly to Splunk but being that it's an AWS tool it is better able to natively monitor our AWS footprint, unlike splunk which requires an appliance and / or forwarding agent for it to work properly. The same can be said about some other tools like …
Chose AWS Security Hub
The GuardDuty and Inspector components have been invaluable for us. We don't use all of AWS Security Hub because we're comfortable with the our other tooling which we use for other aspect of our IT operations.
Best Alternatives
AWS CloudTrailAWS Security Hub
Small Businesses
Armor
Armor
Score 6.0 out of 10

No answers on this topic

Medium-sized Companies
Druva Security Cloud
Druva Security Cloud
Score 9.7 out of 10
Freshservice
Freshservice
Score 8.7 out of 10
Enterprises
Druva Security Cloud
Druva Security Cloud
Score 9.7 out of 10
Freshservice
Freshservice
Score 8.7 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
AWS CloudTrailAWS Security Hub
Likelihood to Recommend
8.0
(0 ratings)
9.0
(0 ratings)
Usability
-
(0 ratings)
9.0
(0 ratings)
User Testimonials
AWS CloudTrailAWS Security Hub
Likelihood to Recommend
Most probably it would be suitable for Finance industries, where security is at the head of the table. However, in our case for E-commerce, it's also quite suitable, since we have quite a significant amount of data and usage of AWS services. Especially with usage of AWS services, AWS CloudTrail comes into play as a heavy plus. For instance, troubleshooting any issues in AWS services is really nice. Therefore, it would be less appropriate with a small amount of AWS service usage and some basic web hosting.
Read full review
AWS Security Hub is mainly for protecting your software, video games, web application, etc... from external digital threats. This is a must for all software out there that can afford it. This also require a decent amount of resources to mitigate problems so that the monitoring page isn't overloaded. So overall, a large amount of budget and manpower is required to maintain this product.
Read full review
Pros
  • Logs details
  • Easy implementation
  • Great support
Read full review
  • Brings together the security related AWS tools in one dashboard
  • Allows to pick and chose which AWS security tools to use
  • Clean UI
Read full review
Cons
  • Delay
  • User interface, must send logs elsewhere to view them
Read full review
  • Not easy to read past data, especially once it moves into Glacier deep storage
  • performance is somewhat sluggish ... other systems are much faster to analyze data
  • Doesn't always provide a remediation solution or suggested fix like other 3rd party tools like Qualys.
  • It's hard to get the initial configuration and enrollment completed as there's a lot of manual intervention for every configured rule that needs to be enabled
  • alerts are often times delayed
Read full review
Usability
No answers on this topic
AWS always good with usability and same here for AWS Security Hub. A lot of good documentation is available to read and configure your own. We also started with looking at the videos and documentation to configure automation for our compliance checks. And to configure there are very less steps to be followed which is a very good thing for faster configuration.
Read full review
Alternatives Considered
For this specific functionality, I am not aware of any other product that can do what [AWS] Cloudtrail does. We did not evaluate any other products.
Read full review
AWS stacks up very similarly to Splunk but being that it's an AWS tool it is better able to natively monitor our AWS footprint, unlike splunk which requires an appliance and / or forwarding agent for it to work properly. The same can be said about some other tools like Dynatrace. Dynatrace has a much more pleasant user interface that the senior management seems to like more, but AWS Security Hub has better options, a more straightforward rules engine and is less expensive than both Splunk and Dynatrace
Read full review
Return on Investment
  • Saved us from purchasing and managing 3rd party solutions
  • Satisfies Security/Governance requirements
  • No upkeep/maintenance
Read full review
  • The automated compliance test helped us a lot to get PCIDSS certified so it was a very good return for our investments.
  • Some third party tools we were using were not available for AWS Security Hub automated testing.
  • Easy to configure for faster security automations but if we need detailed reports we should add more tools.
Read full review
ScreenShots

AWS CloudTrail Screenshots

Screenshot of CloudTrail Insights: Identify and respond to unusual operational activity
•Unexpected spikes in resource provisioning
•Bursts of IAM management actions
•Gaps in periodic maintenance activity
•Automatic analysis of API calls and usage patterns
•Alerts when unusual activity is detected