AWS Security Hub vs. xMatters

I don't think there's yet a perfect tool in this category of security and incident aggregators, but AWS Security Hub is an excellent tool for having visibility into our overall security posture. It is a great aggregator for many AWS services but also for third party security tools with which it integrates really well.

Incentivized

We use xMatters for our alerting on critical matters. ServiceNow is our incident management system and it ties into xMatters. When a critical alert is generated it will notify the appropriate party. I'm trying to see if two other departments can use it. We are looking for a refrigeration system and for weather alerts when bad storms are coming

Incentivized

• Alerting
• Aggregation, organization and prioritization of security alerts and events
• Third party integration

Incentivized

• Close to real-time alert notifications over preferable options, like phone call, text, email, or app notification.
• Automated incident communication about critical system outages based on alerts received in the system.
• Automated on-call roster and notification deliveries to SME.

Incentivized

• Not easy to read past data, especially once it moves into Glacier deep storage
• performance is somewhat sluggish ... other systems are much faster to analyze data
• Doesn't always provide a remediation solution or suggested fix like other 3rd party tools like Qualys.
• It's hard to get the initial configuration and enrollment completed as there's a lot of manual intervention for every configured rule that needs to be enabled
• alerts are often times delayed

Incentivized

• While the Workflow's are one of xMatters's strengths, the complexity can make it difficult at times to get things configured properly and get the desired result.

Incentivized

AWS always good with usability and same here for AWS Security Hub. A lot of good documentation is available to read and configure your own. We also started with looking at the videos and documentation to configure automation for our compliance checks. And to configure there are very less steps to be followed which is a very good thing for faster configuration.

Incentivized

xMatters has a pretty good UI. However, its versatility does get in the way a little as the number of options can be overwhelming, and it sometimes takes a while to find the place you want, or get the result you want. I don't have any suggestions on how to fix this, it's just a side effect of the complexity that xMatters offers.

Incentivized

xMatters has a good support team that respond in a timely fashion within the agreed SLA with our company. They also have elaborate documentation on how to onboard xMatters in your organization, how to administer it and use it. They have very good fault mitigation capability which helps us to get quick recovery in case of system failures.

Incentivized

AWS Security Hub is it's own unique program that I have used. I haven't used anything similar to it and it was worth it to try out. However, for those that want to keep for long, it will be very heavy in term of budget and resource that they have to provide.

Incentivized

xMatters is a market leader among many new burgeoning products in the stakeholder notification space. They are historically one of two original enterprise products in this space. Great client base of large companies and good reputation. xMatters offers flexible licensing models, depending on functional needs. It's easy to learn and use but slightly more difficult to administer.

Incentivized

• Since we have started using this, we could notice a drop of security issues

Incentivized

• Quicker response times for on-call personnel.
• Managers are able to pull reports faster for any incidents escalated to their team.
• When needing to contact another on-call associate from another team, xMatters provides conference bridge lines. You don't have to set up meetings through Outlook or Skype.

Incentivized