Posted On: Jan 22, 2025

Amazon Security Hub now supports Amazon Route 53 Resolver DNS Firewall, allowing you to receive security findings for DNS queries made from your Amazon VPCs for domains suspected of being malicious or identified as low-reputation. Route 53 Resolver DNS Firewall is a managed firewall that enables you to block DNS queries made for malicious domains and to allow queries for trusted domains.

Today, Amazon Security Hub gives you a comprehensive view of your security alerts and compliance status across your Amazon Web Services accounts. This integration allows you to enable three new finding types for Security Hub. You can now receive security findings for queries blocked or alerted on for domains associated with Managed Domain Lists, customer domain lists, and threats identified by Route 53 Resolver DNS Firewall Advanced. With this launch, you now have a single place to view security findings for your accounts that may be associated with malicious DNS queries, alongside findings from multiple Amazon Web Services products and services, such as Amazon GuardDuty and Amazon Inspector.

The feature is available in all Amazon Web Services Regions where Amazon Route 53 Resolver DNS Firewall is available. See here for the list of Amazon Web Services Regions where Route 53 Resolver DNS Firewall is available. To learn more about Amazon Security Hub capabilities, see the Amazon Security Hub documentation. To learn more about Route 53 Resolver DNS Firewall, see the product page or documentation.