AWS Security Hub vs SentinelOne Singularity Cloud Security comparison

AWS Security Hub vs. SentinelOne Singularity Cloud Security

Download the complete report

Helped 868,759 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

AWS Security Hub

Ranking in Cloud Security Posture Management (CSPM)

13th

Average Rating

7.6

Reviews Sentiment

6.5

Number of Reviews

Ranking in other categories

Security Orchestration Automation and Response (SOAR) (5th)

SentinelOne Singularity Clo...

Ranking in Cloud Security Posture Management (CSPM)

3rd

Average Rating

8.8

Reviews Sentiment

7.9

Number of Reviews

115

Ranking in other categories

Vulnerability Management (5th), Cloud and Data Center Security (2nd), Container Security (3rd), Cloud Workload Protection Platforms (CWPP) (4th), Cloud-Native Application Protection Platforms (CNAPP) (3rd), Compliance Management (2nd)

Mindshare comparison

As of October 2025, in the Cloud Security Posture Management (CSPM) category, the mindshare of AWS Security Hub is 4.2%, down from 5.0% compared to the previous year. The mindshare of SentinelOne Singularity Cloud Security is 3.7%, up from 1.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Cloud Security Posture Management (CSPM) Market Share Distribution
Product	Market Share (%)
SentinelOne Singularity Cloud Security	3.7%
AWS Security Hub	4.2%
Other	92.1%

Cloud Security Posture Management (CSPM)

Featured Reviews

MuhammadAzhar Khan

Senior DevOps Engineer at Alibaba Group

Offers best practice recommendations and supports various compliance standards

Security Hub provides insightful information about what is running and where there might be weaknesses. It offers best practice recommendations and supports various compliance standards such as ISO and PCI DSS. Enabling these compliance checks helps identify non-compliant services and suggests steps to achieve compliance. The main advantage is providing information and compliance insights rather than prevention.

Read full review

Mike Bulyk

Senior Director IT Security at a wellness & fitness company with 1,001-5,000 employees

Custom correlation searches enhance threat detection efficiency

Singularity Cloud Security significantly reduced our organization's threat detection time by providing immediate data visibility. This allows our team to analyze telemetry in real-time, query it, and identify anomalies or potential threats using the Singularity platform. We can create rules that automatically trigger alerts based on this real-time data, enabling immediate response. This instant threat detection and response capability is a major improvement over our previous reliance on multiple tools with delayed data flows. Singularity Cloud Security eliminates those delays, saving valuable time in incident response scenarios. MTTR and MTTD are critical metrics for incident response processes. They measure the time it takes to fully address an incident, from initial detection to complete remediation. Minimizing these times is crucial to limit damage, as attackers can quickly exploit vulnerabilities and compromise additional systems. Rapid detection and response are essential to disrupt attackers and prevent further progression within the attack chain. Singularity Cloud helps reduce false positives by allowing engineers direct access to data. This access enables querying, validation, and the creation of correlation searches for improved data analysis. Instead of a black box approach, Singularity provides full visibility into the code and syntax used, increasing confidence in the results. Ultimately, Singularity offers greater control over correlation searches, detection rules, and response scenarios due to the enhanced engagement and control it provides. Singularity's ability to create custom correlation searches significantly reduces noise by avoiding reliance on generic, pre-built searches that often lead to false positives in diverse organizational environments. This targeted approach results in a high positive rate and efficacy, allowing for focused detection and response. By designing and running custom searches, Singularity minimizes the need to sift through irrelevant alerts, unlike systems using default rules that inundate analysts with noise. This translates to a very low noise-to-efficacy ratio, enabling efficient and accurate incident response. Singularity Cloud offers valuable data and capabilities extending beyond security, benefiting various business units. For example, it helped troubleshoot a newly introduced service with limited telemetry. My team created custom correlation searches to track specific event types, confirming the software's functionality. This success garnered positive feedback throughout the company, reaching even the CIO and CSR, as it enabled the business to showcase the software's effectiveness in a way that was previously impossible. SentinelOne improves our regulatory compliance by fulfilling the endpoint detection and response requirements of various frameworks. Many federal regulations require businesses to meet specific security standards, including those related to endpoint, identity, and cloud security. SentinelOne enables us to meet these requirements and assure potential partners that we have a robust security posture. This strengthens our partnerships and streamlines procurement processes, demonstrating how SentinelOne contributes to our compliance efforts. SentinelOne's evidence-based reporting, particularly the CNS reports, fosters trust due to the transparency of the data source and the ability to understand the underlying mechanisms. Knowing the search criteria, data types, and information gathering process, especially when customized for detection engineering, creates confidence in the product and the relationship with SentinelOne. This transparency and customization allow users to delve into the mechanics of the reporting, understand its functionality, and ultimately trust the evidence provided. AI is a crucial consideration for security strategies. While some view AI as a potential replacement for human analysts, others see it as a powerful tool to enhance their capabilities. The latter approach emphasizes AI's ability to accelerate incident response, improve threat detection, and provide valuable insights to analysts. This perspective suggests that AI should be used to augment human expertise, enabling analysts to make faster and more informed decisions, particularly in prioritizing threats and developing a sixth sense for identifying malicious activity. By integrating AI as an enabler, organizations can empower their security teams to become more efficient and effective, ultimately strengthening their overall security posture.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Security Hub provides insightful information about what is running and where there might be weaknesses."

"I really like the seamless integration with the AWS account structure. It can even be made mandatory as part of the landing zone. These are great features. And there's a single pane of glass for the entire account."

"AWS Security Hub can check your infrastructure against multiple compliance frameworks. You can turn on or off specific frameworks based on your needs."

"One of the most effective features of AWS Security Hub is the easy access to a dashboard with a ready-to-use security score."

"Easily integrates with third-party tools"

"I find all of the features to be highly valuable."

"AWS Security Hub provides comprehensive alerts about potential compliance issues with CIS standards. The integration with third-party tools is another excellent feature. All our workloads are on AWS."

"The advantage is that it is cloud-native, and we do not need to install agents or sensors to find findings."

More AWS Security Hub pros

"SentinelOne Singularity Cloud Security has a dashboard that can detect the criticality of a particular problem, whether it falls under critical, medium, or low vulnerability."

"When creating cloud infrastructure, Cloud Native Security evaluates the cloud security parameters and how they will impact the organization's risk. It lets us know whether our security parameter conforms to international industry standards. It alerts us about anything that increases our risk, so we can address those vulnerabilities and prevent attacks."

"I would rate this solution a nine out of ten."

"The most valuable aspects of SentinelOne Singularity Cloud Security are its alerting system and the remediation guidance it provides."

"The agentless vulnerability scanning is great."

"Cloud Native Security helps us discover vulnerabilities in a cloud environment like open ports that allow people to attack our environment. If someone unintentionally opens a port, we are exposed. Cloud Native Security alerts us so we can remediate the problem. We can also automate it so that Cloud Native Security will fix it."

"We're monitoring several cloud accounts with Singularity. It is convenient to identify issues or security failures in any account. It's nice to have all the details we need to solve these issues."

"The GUI is one of the best features. Audit reports and documentation for alerts are also valuable."

More SentinelOne Singularity Cloud Security pros

Cons

"AWS Security Hub should improve the time it takes to update. It takes a long period of time when updating. It can take 24 hours sometimes to update. Additionally, when integrating this solution with more security tools, takes time."

"There is room for improvement in implementing AI capabilities. It would be beneficial for Security Hub to implement preventative measures and to directly apply recommendations instead of just suggesting them."

"It's not user-friendly. Too much going on, too many unnecessary findings, not very visual. You can't do much compared to other similar tools that are cheaper and better."

"AWS Security Hub cannot scale up to multiple different cloud environments; it only works for AWS."

"The support must be quicker."

"One aspect that could be improved in the solution is its adaptability to different markets and geopolitical restrictions. In certain regions like Thailand, specific services from certain countries or providers, such as AWS or Azure, might be limited or blocked. It also needs improvement in would require configuring the solution more adaptable to AWS infrastructure and function."

"The telemetry doesn't always go into the control center. When you have multiple instances running in AWS, you need a control tower to take feeds from Security Hub and analyze your results. Sometimes exemptions aren't passed between the control tower and Security Hub. The configuration gets mixed up or you don't get the desired results."

"Whenever my team gets some alarms from the central team, my team needs to initiate whether it's a real or false trigger. The central team needs to keep adjusting to the parameters or at least the concerned IPs, whether it's really from the company's pool of IPs, so the trigger process can be improved. In the next release of AWS Security Hub, I'd like a better dashboard that could result in better alert visibility."

More AWS Security Hub cons

"There should be more documentation about the product."

"We recently adopted a new ticket management solution, so we've asked them to include a connector to integrate that tool with Cloud Native Security directly. We'd also like to see Cloud Native Security add a scan for personally identifying information. We're looking at other tools for this capability, but having that functionality built into Cloud Native Security would be nice. Monitoring PII data is critical to us as an organization."

"here is a bit of a learning curve. However, you only need two to three days to identify options and get accustomed."

"There is scope for more application security posture management features. Additionally, the runtime protection needs attention."

"The area of improvement is the cost, which is high compared to other traditional endpoint protections."

"There's room for improvement in the graphic explorer."

"In terms of ease of use, initially, it is a bit confusing to navigate around, but once you get used to it, it becomes easier."

"Bugs need to be disclosed quickly."

More SentinelOne Singularity Cloud Security cons

Pricing and Cost Advice

"AWS Security Hub is not an expensive tool. I would consider it to be a cheap solution. AWS Security Hub follows the PAYG pricing model, meaning you will have to pay for whatever you use."

"There are multiple subscription models, like yearly, monthly, and packaged."

"Security Hub is not an expensive solution."

"The pricing is fine. It is not an expensive tool."

"The price of AWS Security Hub is average compared to other solutions."

"AWS Security Hub's pricing is pretty reasonable."

"The cost is based on the number of compliances, core checks, and services required, and for more than 10,000 recommendations, the charge is just one dollar."

"The price of the solution is not very competitive but it is reasonable."

"For pricing, it currently seems to be in line with market rates."

"We found it to be fine for us. Its price was competitive. It was something we were happy with. We are not a Fortune 500 company, so I do not know how pricing scales at the top end, but for our cloud environment, it works very well."

"Singularity Cloud Workload Security's pricing is good."

"I am not involved in the pricing, but it is cost-effective."

"It was reasonable pricing for me."

"PingSafe falls somewhere in the middle price range, neither particularly cheap nor expensive."

"As a partner, we receive a discount on the licenses."

"SentinelOne is quite costly compared to other security platforms."

More SentinelOne Singularity Cloud Security pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.

See recommendations

868,759 professionals have used our research since 2012.

Comparison Review

it_user186927

Director of Operations at Bell

Feb 16, 2015

Cybereason vs. Interset vs. SQRRL

Capture DB - they all use NoSQL db and hence solve the ad hoc query and 'go back in time' problem with current best of breed SIEM and DLP solutions that rely on real time analysis of incoming logs (and don't store them). This means deeper and quicker iterative threat analysis and assessment…

Read full review

Top Industries

By visitors reading reviews

Computer Software Company

13%

Financial Services Firm

12%

Manufacturing Company

10%

Government

Computer Software Company

16%

Financial Services Firm

15%

Manufacturing Company

10%

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	10
Midsize Enterprise	5
Large Enterprise	12

By reviewers
Company Size	Count
Small Business	44
Midsize Enterprise	21
Large Enterprise	53

Questions from the Community

Which is better - Azure Sentinel or AWS Security Hub?

We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...

What do you like most about AWS Security Hub?

The most valuable features of the solution are the scanning of all the cloud environments and most of the compliances available in the cloud.

What needs improvement with AWS Security Hub?

Regarding how Amazon can improve AWS Security Hub, they have numerous services that are discriminated individually and grouped into packages. However, the sheer number of services can be overwhelmi...

What do you like most about PingSafe?

The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best features.

What is your experience regarding pricing and costs for PingSafe?

I don't handle the price part, but it isn't more expensive than Palo Alto Prisma Cloud. It's not cheap, but it is worth the price.

What needs improvement with PingSafe?

There is scope for more application security posture management features. Additionally, the runtime protection needs attention.

Microsoft Sentinel vs AWS Security Hub

Comparisons

Compared 36% of the time

Wiz vs AWS Security Hub

Compared 11% of the time

Prisma Cloud by Palo Alto Networks vs AWS Security Hub

Compared 7% of the time

Microsoft Defender for Cloud vs AWS Security Hub

Compared 6% of the time

CrowdStrike Falcon Cloud Security vs AWS Security Hub

Compared 3% of the time

More AWS Security Hub Competitors

Prisma Cloud by Palo Alto Networks vs SentinelOne Singularity Cloud Security

Compared 12% of the time

Wiz vs SentinelOne Singularity Cloud Security

Compared 11% of the time

AWS GuardDuty vs SentinelOne Singularity Cloud Security

Compared 8% of the time

Microsoft Defender for Cloud vs SentinelOne Singularity Cloud Security

Compared 5% of the time

Skyhigh Cloud-Native Application Protection Platform vs SentinelOne Singularity Cloud Security

Compared 2% of the time

More SentinelOne Singularity Cloud Security Competitors

Product Reports

AWS Security Hub

Download AWS Security Hub product report

SentinelOne Singularity Cloud Security

Download SentinelOne Singularity Cloud Security product report

SentinelOne Singularity Cloud Security report

Also Known As

SQRRL

PingSafe

Overview

AWS Security Hub is a comprehensive security service that provides a centralized view of security alerts and compliance status across an AWS environment. It collects data from various AWS services, partner solutions, and AWS Marketplace products to provide a holistic view of security posture. With Security Hub, users can quickly identify and prioritize security issues, automate compliance checks, and streamline remediation efforts.

The service offers a range of features including continuous monitoring, threat intelligence integration, and customizable dashboards. It also provides automated insights and recommendations to help users improve their security posture. Security Hub integrates with other AWS services like Amazon GuardDuty, AWS Config, and AWS Macie to provide a unified security experience. Additionally, it supports integration with third-party security tools through its API, allowing users to leverage their existing security investments.

With its user-friendly interface and powerful capabilities, AWS Security Hub is a valuable tool for organizations looking to enhance their security and compliance posture in the cloud.

Amazon Web Services (AWS)

SentinelOne Singularity Cloud Security offers a streamlined approach to cloud security with intuitive operation and strong integration capabilities for heightened threat detection and remediation efficiency.

Singularity Cloud Security stands out for its real-time detection and response, effectively minimizing detection and remediation timelines. Its automated remediation integrates smoothly with third-party tools enhancing operational efficiency. The comprehensive console ensures visibility and support for forensic investigations. Seamless platform integration and robust support for innovation are notable advantages. Areas for development include improved search functionality, affordability, better firewall capabilities for remote users, stable agents, comprehensive reporting, and efficient third-party integrations. Clarity in the interface, responsive support, and real-time alerting need enhancement, with a call for more automation and customization. Better scalability and cost-effective integration without compromising capabilities are desired.

What are SentinelOne Singularity Cloud Security's standout features?

Ease of Use: Intuitive operation simplifies navigation across platforms.
Real-Time Detection: Quick identification and response to threats.
Automated Remediation: Streamlines recovery processes with integration capabilities.
Forensic Visibility: Aids in thorough threat analysis and prevention strategies.
Comprehensive Console: Offers full visibility and historical data tracking.
Platform Integration: Supports seamless operation across cloud and hybrid environments.

What benefits should users expect from SentinelOne Singularity Cloud Security?

Enhanced Efficiency: Automation and third-party integration improve threat response.
Improved Detection: Reduces mean time to detect and respond to threats.
Operational Support: Comprehensive visibility and forensic tools aid operational decisions.
Cost Efficiency: Affordable integration with scaling capabilities without high overhead.

SentinelOne Singularity Cloud Security is deployed in industries needing robust cloud security posture management, endpoint protection, and threat hunting. Utilized frequently across AWS and Azure, it assists in monitoring, threat detection, and maintaining compliance in diverse environments while providing real-time alerts and recommendations for proactive threat management.

SentinelOne

Sample Customers

Edmunds, Frame.io, GoDaddy, Realtor.com

Information Not Available

AWS Security Hub vs. SentinelOne Singularity Cloud Security