What is AWS Security Hub?
AWS Security Hub is a Cloud Security Posture Management service that aggregates and centralizes security findings from your entire AWS environment. The service automatically collects findings from AWS security services like GuardDuty, Inspector, and Macie, normalizes them into a unified format, and checks your configuration against compliance standards.
Security Hub solves the problem of fragmented security data. Without a central service, you would need to manually correlate findings from dozens of AWS services and third party tools. Security Hub consolidates everything in one dashboard with a prioritized security score.
Core Features
- Central Aggregation: Findings from AWS services and partners in one place
- Compliance Checks: Automated verification against CIS, PCI DSS, NIST, and more
- Security Score: Consolidated score for your security posture
- Automated Findings: Continuous configuration checks
- EventBridge Integration: Automated remediation workflows
Typical Use Cases
Compliance Monitoring
Security Hub continuously checks your AWS configuration against compliance standards. Enable the desired standards and immediately get an overview of deviations. Detailed remediation guidance helps with fixes. Ideal for regulated industries.
Central Security Dashboard
Aggregate security findings from all AWS accounts and regions. Security Hub displays critical findings prioritized. Trends over time help measure security posture improvement. Export reports for stakeholders and audits.
Automated Remediation
Configure automatic responses to security findings. For an open security group, trigger a Lambda function for automatic closure. For compromised credentials, rotate them via Secrets Manager. Pre built playbooks accelerate implementation.
Advantages
- Consolidated overview of all security findings
- Automated compliance checks against standards
- Integration with all AWS security services
- Automated remediation reduces MTTR
Integration with innFactory
As an AWS Reseller, innFactory supports you with AWS Security Hub: activation and configuration, custom insights for your requirements, remediation playbooks, and integration into existing SIEM systems.
Typical Use Cases
Frequently Asked Questions
What is AWS Security Hub?
AWS Security Hub is a central security service that aggregates security findings from AWS services and third party tools, checks against compliance standards, and enables automated remediation. It provides a consolidated view of your security posture.
Which compliance standards are supported?
Security Hub supports CIS AWS Foundations Benchmark, AWS Foundational Security Best Practices, PCI DSS, NIST 800-53, and SOC 2. Automated checks continuously verify your AWS resources against these standards.
How does integration with other security services work?
Security Hub automatically imports findings from GuardDuty, Inspector, Macie, IAM Access Analyzer, Firewall Manager, and Config. Partner integrations enable import from third party tools. All findings are normalized to AWS Security Finding Format.
How do I automate remediation?
Security Hub integrates with EventBridge for automated workflows. On new findings, you can trigger Lambda functions, start Systems Manager Automation, or create tickets in ServiceNow. Pre built playbooks address common misconfigurations.