Posted On: Apr 27, 2021
Starting today, you can configure AWS Systems Manager OpsCenter to automatically aggregate security findings from AWS Security Hub into OpsCenter as operational issues. This enables operations engineers and IT professionals to view, investigate, and resolve security issues along with other operational issues in OpsCenter. Additionally, you can now view Security Hub findings in AWS Systems Manager Explorer. AWS Systems Manager OpsCenter enables operators to track and resolve operational items related to AWS resources in a central place and AWS Systems Manager Explorer is an operations dashboard that provides a view of your operations data across your AWS environment. AWS Security Hub gives you a comprehensive view of your security alerts and security posture across your AWS accounts.
With this new integration, you can now automatically send Security Hub findings to Explorer and OpsCenter to aggregate and take action on your security issues alongside other performance and operational issues in Systems Manager. Within Explorer, you can now view a summary of all Security Hub findings based on severity. For security findings, an operational issue (OpsItem) is automatically created in OpsCenter for diagnosis and remediation. You can also use AWS Systems Manager Automation runbooks within OpsCenter to run pre-defined workflows to easily remediate common security issues with AWS resources. Additionally, OpsCenter supports a bidirectional integration with Security Hub – when you make updates to the status and severity fields of an OpsItem related to a security finding, those changes are automatically sent to Security Hub to enable you to see the latest information.
This feature is available in US East (N. Virginia), US East (Ohio), US West (N. California), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), EU (Frankfurt), EU (Ireland), EU (London), EU (Paris), EU (Stockholm), and South America (São Paulo) public AWS Regions.
To get started, visit the Systems Manager console, and choose Settings in Systems Manager Explorer or Configure sources in Systems Manager OpsCenter and enable AWS Security Hub. To learn more, see the AWS Systems Manager OpsCenter documentation or AWS Systems Manager Explorer documentation. For more information about AWS Security Hub, see the AWS Security Hub documentation.