AWS Security Hub vs. Microsoft Defender for Cloud

I don't think there's yet a perfect tool in this category of security and incident aggregators, but AWS Security Hub is an excellent tool for having visibility into our overall security posture. It is a great aggregator for many AWS services but also for third party security tools with which it integrates really well.

Incentivized

Microsoft Defender for Cloud is very good at allowing users to see how their Azure environment is secure through the secure score. The recommendations are an excellent source of the controls that should be in place to ensure a secure environment. There needs to be more protection and features for data security.

Incentivized

• Brings together the security related AWS tools in one dashboard
• Allows to pick and chose which AWS security tools to use
• Clean UI

Incentivized

• detect and respond to security threats in the cloud environment, reducing the risk of data breaches and unauthorized access.
• The product assists our organization dealing with sensitive data in achieving and maintaining compliance with data protection rules.
• The product provides real-time visibility into the cloud environment, offering insights into ongoing security activities.
• It guarantees that security teams can actively handle possible threats by delivering real-time monitoring and notifications, reducing the impact on business operations.

Incentivized

• Not easy to read past data, especially once it moves into Glacier deep storage
• performance is somewhat sluggish ... other systems are much faster to analyze data
• Doesn't always provide a remediation solution or suggested fix like other 3rd party tools like Qualys.
• It's hard to get the initial configuration and enrollment completed as there's a lot of manual intervention for every configured rule that needs to be enabled
• alerts are often times delayed

Incentivized

• The licensing structure could be better by providing possibilities for partial deployment in a subscription
• The information in the dashboards are sometimes scattered, there should be a better overall view
• Some parts of Defender for Cloud are expensive, some features should be moved to the standard capabilities of Azure

It is a great product that integrates nicely when running an Azure platform and even multi-cloud environment. Not looking for point-solutions but a suite that answers most requirements. It is very comfortable being able to use KQL, workbooks and automation that is native to the azure platform

AWS always good with usability and same here for AWS Security Hub. A lot of good documentation is available to read and configure your own. We also started with looking at the videos and documentation to configure automation for our compliance checks. And to configure there are very less steps to be followed which is a very good thing for faster configuration.

Incentivized

Just for the fact that there is always room to improve, but at the same time because it gives us that single picture across all Microsoft Stack, including the other dependent stack. I think it's the usability and tying into Sentinel is quite helpful as a reseller for us.

Incentivized

AWS Security Hub is it's own unique program that I have used. I haven't used anything similar to it and it was worth it to try out. However, for those that want to keep for long, it will be very heavy in term of budget and resource that they have to provide.

Incentivized

Microsoft Defender for Cloud is definitely the choice with the latest market trend and attacks that are currently happening. Microsoft has been able to safe guard a lot after the recent serious attacks happening globally in the digital world. There is a trust in this software and with the latest updates and machine learning capabilities, Microsoft Defender for Cloud should be the choice.

Incentivized

• The automated compliance test helped us a lot to get PCIDSS certified so it was a very good return for our investments.
• Some third party tools we were using were not available for AWS Security Hub automated testing.
• Easy to configure for faster security automations but if we need detailed reports we should add more tools.

Incentivized

• It simplifies security management and saves time. I'm not sure, but I'm very confident it saved me a couple of paychecks by centralizing the data I need to secure the cloud environment.
• I also utilize the inventory overview to monitor my team's activities and verify they are following internal regulations, as well as cost overruns.
• The recommendations can be utilized as a valuable instructional tool. I have the team explain why they are receiving them, why they are not following them, and what they are doing differently.

Incentivized