Posted On: Mar 8, 2021
AWS Security Hub has released 25 new controls for its Foundational Security Best Practices standard. These controls conduct fully automatic checks against security best practices for Amazon API Gateway (APIGateway.1), Amazon CloudFront (CloudFront.1-4), Amazon DynamoDB (DynamoDB.1-3), Amazon Elastic Compute Cloud (EC2.9-10), Amazon Elastic File System (EFS.2), Amazon Elasticsearch Service (ES.2-3), Amazon RDS (RDS.9-10), Amazon Redshift (RedShift.1-3,6), Amazon Simple Notification Service (SNS.1), AWS Elastic Load Balancing (ELB.3-6), and AWS Key Management Service (KMS.3). If you enabled the AWS Foundational Security Best Practices standard in an account and configured Security Hub to automatically enable new controls, the above new controls are enabled by default. Security Hub now supports 115 security controls to automatically check your security posture in AWS.
AWS Security Hub is available globally and is designed to give you a comprehensive view of your security posture across your AWS accounts. With Security Hub, you now have a single place that aggregates, organizes, and prioritizes your security alerts, or findings, from multiple AWS services, including Amazon GuardDuty, Amazon Inspector, Amazon Macie, AWS Firewall Manager, AWS Systems Manager Patch Manager, AWS Chatbot, AWS Config, AWS IAM Access Analyzer, as well as from over 50 AWS Partner Network (APN) solutions. You can also continuously monitor your environment using automated security checks based on standards, such as AWS Foundational Security Best Practices, the CIS AWS Foundations Benchmark, and the Payment Card Industry Data Security Standard. In addition, you can take action on these findings by investigating findings in Amazon Detective or sending them to AWS Audit Manager. You can also use Amazon EventBridge rules to send the findings to ticketing, chat, Security Information and Event Management (SIEM), response and remediation workflows, and incident management tools.