AWS Security Hub vs. OpsGenie

I don't think there's yet a perfect tool in this category of security and incident aggregators, but AWS Security Hub is an excellent tool for having visibility into our overall security posture. It is a great aggregator for many AWS services but also for third party security tools with which it integrates really well.

Incentivized

Well suited for cases where you just need to alert relevant team members when alerts and incidents come in and make sure that nothing falls through the cracks. Generally OpsGenie just forwards the alerts it receives and allows you to schedule team members to be on-call. It's good for that simple use case and extra helpful if you have Jira or Atlassian Open DevOps since it has nice integrations with those platforms and you can easily monitor ticket progress. If you don't have those, it would be good to check and see if they integrate with whatever you use to track tickets or bugs. The dashboarding and analytics are relatively basic so if you're looking for extensive and highly customizable analytics, this might not be the right solution.

Incentivized

• Alerting
• Aggregation, organization and prioritization of security alerts and events
• Third party integration

Incentivized

• Notifying through all the possible way like sms,mail and call.
• Ita shows the activity log it is usefull when your paging team through the incident through that you can check who has acknowledged or not.
• Notify the alerts to engineer as well as you can also add the description about alerts related what is it.
• Here you can schedule for on-call engineers

Incentivized

• Not easy to read past data, especially once it moves into Glacier deep storage
• performance is somewhat sluggish ... other systems are much faster to analyze data
• Doesn't always provide a remediation solution or suggested fix like other 3rd party tools like Qualys.
• It's hard to get the initial configuration and enrollment completed as there's a lot of manual intervention for every configured rule that needs to be enabled
• alerts are often times delayed

Incentivized

• OpsGenie New Jira design has made it difficult for those not familiar with that style.
• OpsGenie could benefit from nested escalation flows for team schedules. Creating a product alert that uses and Tech Schedule as well as an Incident Manager Schedule that already exists would create less overhead and ease management.

Incentivized

They are fully available at all times via chat, phone, or email and follow up thoroughly.

Incentivized

AWS Security Hub is it's own unique program that I have used. I haven't used anything similar to it and it was worth it to try out. However, for those that want to keep for long, it will be very heavy in term of budget and resource that they have to provide.

Incentivized

We also looked at PagerDuty but decided to go with OpsGenie as it had more features on the plan we needed compared to PagerDuty which would have required us to spend a lot more for what we felt were non-premium features. Everything felt like an add-on - automation for an additional $20 a user per month seemed like a lot on top of the base plan

Incentivized

• Since we have started using this, we could notice a drop of security issues

Incentivized

• Time savings with configuration of on call schedules and personnel. Quick and easy to make changes on short notice.
• We have essentially eliminated the dropped/missed call complaints which used to be routine. Now customers are quickly connected to us hassle free.

Incentivized