AWS Security Hub integrates with AWS Audit Manager for simplified security posture management

Posted on: Dec 8, 2020

AWS Security Hub is now integrated with AWS Audit Manager, which helps simplify how you assess risk and monitor your compliance with regulations and industry standards. AWS Audit Manager is a new service that helps you continuously audit your AWS usage and automates evidence collection to make it easier for you to assess whether your policies, procedures, and activities are operating effectively. Using a prebuilt or customized framework, you can launch an Audit Manger assessment to begin collecting and organizing evidence, such as Security Hub findings, in accordance with the requirements of an industry standard or regulation, such as the Payment Card Industry Data Security Standard (PCI DSS) or the Center for Internet Security (CIS) AWS Foundations Benchmark standard. With Audit Manager, you can focus on reviewing the relevant evidence to ensure your controls are working as intended and build audit-ready reports with much less manual effort. For more information on AWS Audit Manager, see their documentation here.

AWS Security Hub is available globally and is designed to give you a comprehensive view of your security posture across your AWS accounts. With Security Hub, you now have a single service that aggregates, organizes, and prioritizes your security alerts or findings from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, Amazon Macie, AWS Firewall Manager, AWS System Manager Patch Manager, and AWS IAM Access Analyzer, as well as from over 50 AWS Partner Network (APN) solutions. You can also continuously monitor your environment using automated security checks based on standards, such as AWS Foundational Security Best Practices, the CIS AWS Foundations Benchmark, and the Payment Card Industry Data Security Standard. Further, you can take action on these findings by investigating them in Amazon Detective, using Amazon EventBridge rules to send the findings to ticketing, chat, Security Information and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), and incident management tools, or by using your custom remediation playbooks.

You can enable your 30-day free trial of AWS Security Hub with a single-click in the AWS Management console. Please see the AWS Regions page for all the regions where AWS Security Hub is available. To learn more about AWS Security Hub capabilities, see the AWS Security Hub documentation. Visit the AWS Security Hub free trial page to start your 30-day free trial.