AWS Security Hub integrates with Amazon Detective

Posted on: Dec 16, 2019

AWS Security Hub now integrates with Amazon Detective (preview). Amazon Detective makes it easy to analyze, investigate, and quickly identify the root cause of security findings or suspicious activities. Amazon Detective automatically collects log data from your AWS resources and uses machine learning, statistical analysis, and graph theory to help you visualize and conduct faster and more efficient security investigations. The initial AWS Security Hub integration with Amazon Detective allows you to pivot from Amazon GuardDuty findings in Security Hub directly into Amazon Detective to investigate them. DNS-related findings are not supported in this initial integration release. AWS Security Hub automatically enables this integration for customers that are whitelisted in Amazon Detective's gated public preview, but you first need to sign up for and get access to Amazon Detective's preview. To learn more, visit the Integration page in the Security Hub console and click on the "Configuration" link for Amazon Detective.

Available globally, AWS Security Hub gives you a comprehensive view of your high-priority security alerts and compliance status across your AWS accounts. With Security Hub, you now have a single place that aggregates, organizes, and prioritizes your security alerts, or findings, from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, and Amazon Macie, as well as from AWS Partner solutions. You can also continuously monitor your environment using automated compliance checks based on AWS best practices and industry standards, such as the CIS AWS Foundations Benchmark. You can take action on these security and compliance findings by using CloudWatch Event rules to send the findings to ticketing, chat, Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR), and incident management tools, or to custom remediation playbooks.

You can enable your 30-day free trial of AWS Security Hub with a single click in the AWS Management Console. Please see the AWS Regions page for all the regions where Security Hub is available. To learn more about AWS Security Hub capabilities, see the AWS Security Hub documentation, and to start your 30-day free trial, see the AWS Security Hub free trial page.