Ensure that Amazon Security Hub is enabled and configured in order to improve your security posture within AWS cloud. Security Hub eliminates the complexity of managing the security of your AWS cloud accounts and workloads. When Security Hub is enabled, it starts to collect, organize, and prioritize security findings from other security-oriented AWS cloud services such as intrusion detection findings from Amazon GuardDuty, vulnerability findings from Amazon Inspector, and sensitive data identification findings from Amazon Macie, or from third-party partner security tools. Security Hub is also generating its own findings as the result of running continuous configuration checks against the conformity rules supported by the industry-accepted best practices such as CIS AWS Foundations Benchmark. In addition, to eliminate the need for time-consuming data conversion processes, Amazon Security Hub can consume your own security findings using a standard format called AWS Finding Format, then correlates the findings across all providers to prioritize the most important ones. In the end, the security findings can be sent to a ticketing system like Atlassian Jira, to an email address, or to an auto-remediation function provided by Trend Cloud One™ – Conformity.
This rule resolution is part of the Conformity Security & Compliance tool for AWS.
optimisation
Amazon Security Hub helps you check your AWS cloud environment against the latest security best practices and industry standards, provides a consolidated view of your security status in one place, and enables you to quickly assess your security posture across your AWS accounts.
Audit
To determine if Amazon Security Hub is enabled within your AWS account, perform the following operations:
Remediation / Resolution
To enable Amazon Security Hub the following requirements must be met:
1) AWS Config service must be enabled within your AWS account, and
2) a managed policy named "AWSSecurityHubFullAccess" must be attached to the IAM identity that enables and configures Security Hub. To enable the security service in your AWS cloud account, perform the following operations:
References
- AWS Documentation
- AWS Security Hub FAQs
- How Security Hub works
- Setting up AWS Security Hub
- Enabling Security Hub manually
- AWS managed policies for AWS Security Hub
- Available third-party partner product integrations
- Findings in AWS Security Hub
- AWS Security Finding Format (ASFF)
- Product integrations in AWS Security Hub
- AWS Command Line Interface (CLI) Documentation
- describe-hub
- enable-security-hub
- Other Documentation
- Securing Amazon Web Services