Amazon Security Hub
Centrally view and manage security alerts and automate security checks
Amazon Security Hub gives you a comprehensive view of your security alerts and security posture across your Amazon Web Services accounts. There are a range of powerful security tools at your disposal, from firewalls and endpoint protection to vulnerability and compliance scanners. But oftentimes this leaves your team switching back-and-forth between these tools to deal with hundreds, and sometimes thousands, of security alerts every day. With Security Hub, you now have a single place that aggregates, organizes, and prioritizes your security alerts, or findings, from multiple Amazon Web Services services, including Amazon Systems Manager Patch Manager and Amazon Identity and Access Management (IAM) Access Analyzer, as well as from Amazon Web Services Partner solutions. Amazon Security Hub continuously monitors your environment using automated security checks based on the Amazon Web Services best practices and industry standards that your organization follows. You can also take action on these security findings by using Amazon CloudWatch Event rules to send the findings to ticketing, chat, Security Information and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), and incident management tools or to custom remediation playbooks. Get started with Amazon Security Hub in just a few clicks in the Management Console and once enabled, Security Hub will begin aggregating and prioritizing findings and conducting security checks.
Benefits
Save time with aggregated findings
Amazon Security Hub reduces the effort of collecting and prioritizing security findings across accounts, from Amazon Web Services services, and Amazon Web Services partner tools. The service ingests data using a standard findings format, eliminating the need for time-consuming data conversion efforts. It then correlates findings across providers to prioritize the most important findings.
Improve security posture with automated checks
With Security Hub, you can run automated, continuous security checks based on industry standards and best practices, such as the Center for Internet Security (CIS) Amazon Web Services Foundations Benchmark and Payment Card Industry Data Security Standard (PCI DSS). These checks provide a security score and identify specific accounts and resources that require attention.
Quickly take actions on findings
Integrated dashboards bring together your security findings across accounts to show you the current security and compliance status. Now you can easily spot trends, identify potential issues, and take the necessary next steps. For example, you can send findings to ticketing, chat, email, or automated remediation systems using integration with Amazon CloudWatch Events.
Partners
Meet the Amazon Web Services APN Partners who have integrated into Amazon Security Hub to provide customers with additional information and insights to understand their security posture and recommended remediation steps. See a full list of Amazon Security Hub integration partners.
