AWS Security Hub

AWS Security Hub

May 13, 2020 / Eternal Team

The AWS Security Hub tool provides a comprehensive view of security and compliance alerts across various AWS accounts. Security findings are collected and summarized on integrated dashboards. The service helps you monitor critical settings to ensure that your AWS accounts remain secure, allowing you to notice and react quickly to any changes in your environment

With Security Hub, you now have a single place that aggregates, organizes, and prioritizes your security alerts, from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, Amazon Macie, AWS Identity and Access Management (IAM) Access Analyzer, and AWS Firewall Manager and it’s a regional service.

AWS security Hub overview

AWS Security Hub is easily done through the AWS Management Console, and AWS CLI or by using Infrastructure-as-Code tools such as Terraform.

Why would you want to use AWS Security Hub?

  1. As we already told you it is the central place for AWS CloudTrail, AWS GuardDuty, AWS Macie incidents for all your AWS accounts.
  2. Ability to search through all “findings” recorded from the time AWS Security Hub was enabled
  3. Ability to monitor compliance to CIS AWS Foundation on all your AWS Accounts
  4. AWS Security Hub allows for custom actions to be created which are captured in CloudWatch events and then from there can be fed into existing security incident management systems.

Some key Note.

This is not a useful service, if you only have less than 2 AWS Accounts, where you don’t have too many things running on AWS.

This is not a useful service, if you are not using EC2 instances or some of the managed AWS services like RDS, Lambda etc.

AWS Security Hub cost?

AWS Security Hub is not a free service, though it does offer a 30-day free trial to start. The cost is not fixed but depends on the number of compliance checks and security finding ingestion.

The 30-day free trial should allow an organization to estimate their Security Hub spend, though costs could increase or decrease as third party solution integrations are enabled/disabled, thus affecting the total number of ingested security findings.

Conclusion

AWS Security Hub allows you to have more visibility into the security and compliance status of your AWS environments. Security Hub has undergone HIPAA, ISO, PCI, and SOC certification. To learn more about Security Hub, refer to the AWS Security Hub documentation.

AWS-Consulting-Partner

Talk to AWS Certified Consultant

Want to start a project?

It’s simple.

Contact us