Posted On: Feb 14, 2020

AWS Security Hub now supports automated security checks aligned to the Payment Card Industry Data Security Standard (PCI DSS) version 3.2.1 requirements. Security Hub’s PCI DSS standard includes 32 automated rules designed to help you with your ongoing PCI DSS security activities by conducting continuous checks against 32 PCI DSS requirements across 14 AWS services. These 32 security checks are in addition to Security Hub’s existing 43 automated security checks for the Center for Internet Security’s (CIS) AWS Foundations Benchmark. Security Hub’s documentation provides details on how Security Hub’s PCI DSS checks map to specific PCI DSS requirements.  

The 32 checks were validated by AWS Security Assurance Services, LLC (AWS SAS), which is a team of Qualified Security Assessors, authorized by the PCI Security Standards Council to perform PCI DSS assessment services.

An AWS Security blog is available here that explains how to use the PCI standard for Security Hub, and you can sign up here for an online tech talk that will be held on Wednesday, February 19, 2020. 

Available globally, AWS Security Hub gives you a comprehensive view of your high priority security alerts and compliance status across your AWS accounts. With Security Hub, you now have a single place that aggregates, organizes, and prioritizes your security alerts, or findings, from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, Amazon Macie, AWS Firewall Manager, and AWS IAM Access Analyzer, as well as from over 40 AWS Partner solutions. You can also continuously monitor your environment using automated compliance checks based on standards, such as the CIS AWS Foundations Benchmark and the PCI DSS. You can also take action on these findings by investigating findings in Amazon Detective and by using Amazon CloudWatch Event rules to send the findings to ticketing, chat, Security Information and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), and incident management tools or to custom remediation playbooks.

You can enable your 30-day free trial of AWS Security Hub with a single-click in the AWS Management console. Please see the AWS Regions page for all the regions where AWS Security Hub is available. To learn more about AWS Security Hub capabilities, see the AWS Security Hub documentation, and to start your 30-day free trial see the AWS Security Hub free trial page.