AWS Security Hub

Centrally view and manage security alerts and automate security checks

AWS Security Hub gives you a comprehensive view of your security alerts and security posture across your AWS accounts. There are a range of powerful security tools at your disposal, from firewalls and endpoint protection to vulnerability and compliance scanners. But oftentimes this leaves your team switching back-and-forth between these tools to deal with hundreds, and sometimes thousands, of security alerts every day. With Security Hub, you now have a single place that aggregates, organizes, and prioritizes your security alerts, or findings, from multiple AWS services, including AWS Systems Manager Patch Manager and AWS Identity and Access Management (IAM) Access Analyzer, as well as from AWS Partner solutions. AWS Security Hub continuously monitors your environment using automated security checks based on the AWS best practices and industry standards that your organization follows. You can also take action on these security findings by using Amazon CloudWatch Event rules to send the findings to ticketing, chat, Security Information and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), and incident management tools or to custom remediation playbooks. Get started with AWS Security Hub in just a few clicks in the Management Console and once enabled, Security Hub will begin aggregating and prioritizing findings and conducting security checks.

Benefits

Save time with aggregated findings

AWS Security Hub reduces the effort of collecting and prioritizing security findings across accounts, from AWS services, and AWS partner tools. The service ingests data using a standard findings format, eliminating the need for time-consuming data conversion efforts. It then correlates findings across providers to prioritize the most important findings.

Improve security posture with automated checks

With Security Hub, you can run automated, continuous security checks based on industry standards and best practices, such as the Center for Internet Security (CIS) AWS Foundations Benchmark and Payment Card Industry Data Security Standard (PCI DSS). These checks provide a security score and identify specific accounts and resources that require attention.

Quickly take actions on findings

Integrated dashboards bring together your security findings across accounts to show you the current security and compliance status. Now you can easily spot trends, identify potential issues, and take the necessary next steps. For example, you can send findings to ticketing, chat, email, or automated remediation systems using integration with Amazon CloudWatch Events.

Partners

Meet the AWS APN Partners who have integrated into AWS Security Hub to provide customers with additional information and insights to understand their security posture and recommended remediation steps. See a full list of AWS Security Hub integration partners.