Posted On: Jan 27, 2021
AWS Security Hub is now integrated with Cloud Storage Security: Antivirus for Amazon S3. Cloud Storage Security uses the AWS Security Finding Format (ASFF) to send findings to Security Hub. Security Hub’s integrations with Forcepoint CASB (Cloud Access Security Broker), Forcepoint DLP (Data Loss Prevention), Forcepoint NGFW (Next-Generation Firewall), Palo Alto Networks Prisma Cloud Compute and Palo Alto Networks Prisma Cloud Enterprise are now available in AWS GovCloud (US) Regions. Forcepoint CASB, Forcepoint DLP, Forcepoint NGFW, Palo Alto Networks Prisma Compute and Palo Alto Networks Prisma Enterprise now send findings to Security Hub using the ASFF. To learn more about an integration and how to set it up, visit the Integration pages in the Security Hub console and click the "Configuration" link for the integration.
Cloud Storage Security: Antivirus for Amazon S3 is an anti-malware and anti-virus scanning solution for S3 objects. The outcomes of the scans are packaged and sent to Security Hub for centralized monitoring and remediation. Palo Alto Networks Prisma Cloud Enterprise monitors your assets in AWS for resource misconfigurations, compliance violations, network security risks, and anomalous user activities. Palo Alto Networks Prisma Cloud Compute provides protection across hosts, containers, and serverless deployments in AWS throughout the application lifecycle.
Forcepoint CASB allows you to discover cloud application use, analyze risk, and enforce appropriate controls for SaaS and custom applications. Forcepoint DLP addresses human-centric risk with visibility and control everywhere your people work and everywhere your data resides. Forcepoint NGFW lets you connect your AWS environment into your enterprise network with the scalability, protection, and insights needed to manage your network and respond to threats. All the integrations will be sending findings to AWS Security Hub.
AWS Security Hub is available globally and is designed to give you a comprehensive view of your security posture across your AWS accounts. With Security Hub, you now have a single place that aggregates, organizes, and prioritizes your security alerts, or findings, from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, Amazon Macie, AWS Firewall Manager, and AWS IAM Access Analyzer, as well as from over 50 APN solutions. You can also continuously monitor your environment using automated security checks based on standards, such as AWS Foundational Security Best Practices, the CIS AWS Foundations Benchmark, and the Payment Card Industry Data Security Standard. You can also take action on these findings by investigating findings in Amazon Detective, by using Amazon EventBridge rules to send the findings to ticketing, chat, Security Information and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), and incident management tools, or by using your custom remediation playbooks.