AWS Security Hub gives users a comprehensive view of your high-priority security alerts and security posture across AWS accounts. With Security Hub, users have a single place that aggregates, organizes, and prioritizes security alerts, or findings, from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, Amazon Macie, AWS Identity and Access Management (IAM) Access Analyzer, and AWS Firewall Manager, as well as from AWS Partner solutions.
N/A
Tenable Security Center
Score 8.1 out of 10
N/A
Tenable Security Center (formerly Tenable.sc) from Tenable Network Security in Baltimore, presents a vulnerabiliy management option used to identify and prioritize vulnerabilities based on risk to businesses. It is managed on premises.
AWS Security Hub is it's own unique program that I have used. I haven't used anything similar to it and it was worth it to try out. However, for those that want to keep for long, it will be very heavy in term of budget and resource that they have to provide.
AWS stacks up very similarly to Splunk but being that it's an AWS tool it is better able to natively monitor our AWS footprint, unlike splunk which requires an appliance and / or forwarding agent for it to work properly. The same can be said about some other tools like …
The GuardDuty and Inspector components have been invaluable for us. We don't use all of AWS Security Hub because we're comfortable with the our other tooling which we use for other aspect of our IT operations.
Tenable.sc [(formerly SecurityCenter)] has been around for a long time and in our opinion offered the easiest configuration for compliance scanning and it's rating system was more impressive than Rapid 7's.
Tenable.sc can be installed so easily within an hour or so and it has user-friendly GUI with inbuilt industry-based customizable reports i.e. HIPAA, GDPR, ISO standards, etc. It also includes a configurable workflow engine that helps to speed up response and remediation, reduce …
My organization is strictly prohibited from using cloud services. Tenable.sc offers cloud service but we needed on-premises services. Therefore, Tenable.io was eliminated by Tenable.sc.
We decided to go with Tenable due to its robust reporting capabilities and competitive pricing vs its competitors. While all tools are very similar in regards to scanning capabilities we prefer Tenable SC's user interface. We also like the option to have both on-prem and cloud …
We selected Tenable because is one of the best solution at the moment. Tenable is a powerful tool that we use for validation of our patching methodology. This is very helpful if you are only patching what the vendor deems as critical and then with this external validation you …
AWS Security Hub is mainly for protecting your software, video games, web application, etc... from external digital threats. This is a must for all software out there that can afford it. This also require a decent amount of resources to mitigate problems so that the monitoring page isn't overloaded. So overall, a large amount of budget and manpower is required to maintain this product.
Tenable.sc is best suited for those organizations who are not very comfortable with Cloud and want an on-premises solution. If any organization has to follow some guidelines that no data should go to the cloud, in this case, Tenable.sc is a perfect fit as it's installed in the infra Datacenter and no data goes to Cloud. Tenable.sc won't be appropriate for those who have their infra setup on cloud.
Not easy to read past data, especially once it moves into Glacier deep storage
performance is somewhat sluggish ... other systems are much faster to analyze data
Doesn't always provide a remediation solution or suggested fix like other 3rd party tools like Qualys.
It's hard to get the initial configuration and enrollment completed as there's a lot of manual intervention for every configured rule that needs to be enabled
AWS always good with usability and same here for AWS Security Hub. A lot of good documentation is available to read and configure your own. We also started with looking at the videos and documentation to configure automation for our compliance checks. And to configure there are very less steps to be followed which is a very good thing for faster configuration.
On all of the occasions that I have had to reach out to Tenable for assistance, they have been extremely helpful and knowledgeable. Solutions and support are provided quickly, and they work on the issue until it is resolved.
AWS stacks up very similarly to Splunk but being that it's an AWS tool it is better able to natively monitor our AWS footprint, unlike splunk which requires an appliance and / or forwarding agent for it to work properly. The same can be said about some other tools like Dynatrace. Dynatrace has a much more pleasant user interface that the senior management seems to like more, but AWS Security Hub has better options, a more straightforward rules engine and is less expensive than both Splunk and Dynatrace
Tenable.sc [(formerly SecurityCenter)] has been around for a long time and in our opinion offered the easiest configuration for compliance scanning and it's rating system was more impressive than Rapid 7's.