AWS Security Hub vs. SolarWinds Pingdom

I don't think there's yet a perfect tool in this category of security and incident aggregators, but AWS Security Hub is an excellent tool for having visibility into our overall security posture. It is a great aggregator for many AWS services but also for third party security tools with which it integrates really well.

Incentivized

I believe the scenarios we used it for were quite well covered, from the executive perspective. The downtime alarms worked very well and were easy to setup, uptime monitoring tools were clear and easy to use, even for non-technical people (C-level) and the SLA management tools allowed us to spend less time, and have less friction, with our clients

Incentivized

• Brings together the security related AWS tools in one dashboard
• Allows to pick and chose which AWS security tools to use
• Clean UI

Incentivized

• The alerts are very responsive offering quite detailed timing information
• The UI for reports is very clear and set up of reports is very intuitive
• Customer service was good when there were problems - e.g. lapsing billing causing reporting to go down

Incentivized

• Not easy to read past data, especially once it moves into Glacier deep storage
• performance is somewhat sluggish ... other systems are much faster to analyze data
• Doesn't always provide a remediation solution or suggested fix like other 3rd party tools like Qualys.
• It's hard to get the initial configuration and enrollment completed as there's a lot of manual intervention for every configured rule that needs to be enabled
• alerts are often times delayed

Incentivized

• The PagerDuty integration could be a lot better. When you use the PagerDuty integration, it doesn't send any information about which check failed! It just sends a message like "Timeout (> 30s)" -- this isn't very helpful when we have hundreds of checks. We've worked around this by using both the PagerDuty and Slack integrations and having them both post to the same Slack channel. But this means that when an engineer is paged from PagerDuty, they have to go to Slack (or Pingdom) to find the details about the page; it's not available on the page itself.

Incentivized

Recently added features have made Pingdom less intuitive for our requirements. While Pingdom has a broad offering and remains a good value, it is becoming more than we need. Our customer base is becoming more and more global and Pingdom still lacks Asia-Pacific monitoring, which we will need within a year.

AWS always good with usability and same here for AWS Security Hub. A lot of good documentation is available to read and configure your own. We also started with looking at the videos and documentation to configure automation for our compliance checks. And to configure there are very less steps to be followed which is a very good thing for faster configuration.

Incentivized

Pingdom is easy to use, very intuitive and has a very short learning curve. From the onset, we've been able to jump in and leverage the tool to accomplish our goals for page speed performance and discover the insights we need to make improvements. Its a well-designed tool and makes for a good user experience.

Incentivized

Interface is unnecessarily complicated and frequently responds slowly.

Support responded the same day to my query, as I was setting the product up but couldn't find the setting I needed. This was successfully resolved in a short time frame, so I was pleased with how quickly we were able to get this resolved. I haven't needed to contact support since.

Incentivized

AWS Security Hub is it's own unique program that I have used. I haven't used anything similar to it and it was worth it to try out. However, for those that want to keep for long, it will be very heavy in term of budget and resource that they have to provide.

Incentivized

1. PRTG Network Monitor was a far more complicated tool to use and set up albeit it does both Internal and External monitoring. The setup wasn't intuitive and there are too many configuration options to complete to form an alert
2. Amazon CloudWatch is specific to AWS resources and cannot be easily use outside of the AWS Ecosystem

Incentivized

• The automated compliance test helped us a lot to get PCIDSS certified so it was a very good return for our investments.
• Some third party tools we were using were not available for AWS Security Hub automated testing.
• Easy to configure for faster security automations but if we need detailed reports we should add more tools.

Incentivized

• Honestly, we have 4 other products that overlap this functionality whose organizations provide far superior support. At this point it is an unnecessary expense.
• In my opinion, their lack of support responsiveness and commitment has impacted our IT agility.
• Its time to explore other alternatives.