Posted On: Apr 15, 2021

AWS Security Hub Automated Response & Remediation solution supports 11 new AWS Foundational Security Best Practices controls.

The AWS Security Hub Automated Response & Remediation solution is a reference implementation that includes a library of automated security response and remediation actions for common security findings. The solution makes it easier for customers to resolve common security findings and improve their security posture in AWS.

AWS Security Hub gives you a comprehensive view of your security posture across your AWS accounts. Customers can create CloudWatch Event rules to invoke on-demand response workflows for selected findings across their AWS accounts, or they can use CloudWatch Event rules to take fully automated actions on specific types of findings. Many customers find the process of setting up CloudWatch Event rules difficult and time-consuming, and creating the permissions that enable the rules to run cross-account can be complex. The AWS Security Hub Automated Response & Remediation solution simplifies this process by offering predefined response and remediation actions for common security controls. The solution supports 21 automated remediations in total. Version 1.0 offers 10 prepackaged security playbooks to remediate security findings based on the Center for Internet Security (CIS) AWS Foundations Benchmark. Version 1.2 includes a playbook of 11 fully automated remediations based on the AWS Foundational Security Best Practices standard.

The AWS Security Hub Automated Response & Remediation solution works in all Regions that support AWS Service Catalog and AWS Systems Manager, as well as AWS GovCloud (US) Regions, China Regions, Milan, Bahrain, and Hong Kong. To get started with the solution, visit the AWS Solution Library or GitHub.