AWS Security Hub aggregates, organises, and prioritises security alerts – called findings – from AWS services such as Amazon GuardDuty, Amazon Inspector, and Amazon Macie, and from a large and growing list of AWS Partner Network (APN) solutions.
“AWS Security Hub is the glue that connects what AWS and our security partners do to help customers manage and reduce risk,” said Dan Plastina, vice president for external security services at AWS. “By combining automated compliance checks, the aggregation of findings from more than 30 different AWS and partner sources, and partner-enabled response and remediation workflows, AWS Security Hub gives customers a simple way to unify management of their security and compliance.”
Customers can also run automated, continuous compliance checks based on industry standards and best practices, helping to identify specific accounts and resources that require attention. AWS Security Hub brings all of this information together in one place, providing a comprehensive view of a customer’s overall security and compliance status visually summarised on integrated dashboards with actionable graphs and tables.
With AWS Security Hub, customers can also quickly see their entire AWS security and compliance state in one place. AWS Security Hub collects and aggregates findings from the security services running in a customer’s environment, such as intrusion detection findings from Amazon GuardDuty, vulnerability scan results from Amazon Inspector, sensitive data identifications from Amazon Macie, and findings generated by a wide portfolio of security tools from APN partners.
The service then correlates findings across providers to prioritise the most important information, highlight trends, and identify resources that may require attention. Customers can also continuously monitor their environment with automated configuration and compliance checks based on industry standards and best practices, such as Center for Internet Security (CIS) AWS Foundations Benchmark.