Posted On: Nov 3, 2021
AWS Security Hub now supports Amazon Virtual Private Cloud (VPC) endpoints via AWS PrivateLink, so you can securely initiate API calls to Security Hub from within your VPC without those calls traversing the Internet. AWS PrivateLink support for Security Hub is now available in all AWS Regions where Security Hub is available. To try the new feature, use the VPC console, API, or SDK to create a VPC endpoint for Security Hub in your VPC. This creates an elastic network interface in each of your specified subnets. The interface has a private IP address that serves as an entry point for traffic destined for Security Hub. You can read more about Security Hub’s integration with PrivateLink here.
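The endpoint described above can also be declared in CloudFormation. The template below is an added example, not part of the AWS announcement; the parameter names (`VpcId`, `SubnetIds`, `ClientCidr`) and resource names are assumptions, and the service name follows the standard `com.amazonaws.<region>.<service>` convention for interface endpoints.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Interface VPC endpoint (AWS PrivateLink) for AWS Security Hub

Parameters:
  VpcId:
    Type: AWS::EC2::VPC::Id
  SubnetIds:
    Type: List<AWS::EC2::Subnet::Id>
    Description: One subnet per Availability Zone; an ENI is created in each
  ClientCidr:
    Type: String
    Description: CIDR range of the workloads allowed to call Security Hub

Resources:
  # Only HTTPS from the named client range may reach the endpoint ENIs.
  EndpointSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: HTTPS from in-VPC clients to the Security Hub endpoint
      VpcId: !Ref VpcId
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 443
          ToPort: 443
          CidrIp: !Ref ClientCidr

  SecurityHubEndpoint:
    Type: AWS::EC2::VPCEndpoint
    Properties:
      VpcEndpointType: Interface
      ServiceName: !Sub com.amazonaws.${AWS::Region}.securityhub
      VpcId: !Ref VpcId
      SubnetIds: !Ref SubnetIds
      SecurityGroupIds:
        - !Ref EndpointSecurityGroup
      # Requires enableDnsSupport and enableDnsHostnames on the VPC.
      PrivateDnsEnabled: true

Outputs:
  EndpointId:
    Value: !Ref SecurityHubEndpoint
  EndpointDnsEntries:
    Value: !Join [",", !GetAtt SecurityHubEndpoint.DnsEntries]
```

With private DNS enabled, the regional Security Hub hostname resolves to the endpoint's private IP addresses inside the VPC, so existing SDK and CLI calls use the endpoint without code changes.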
AWS Security Hub is available globally and is designed to give you a comprehensive view of your security posture across your AWS accounts. With Security Hub, you now have a single place that aggregates, organizes, and prioritizes your security alerts, or findings, from multiple AWS services, including Amazon GuardDuty, Amazon Inspector, Amazon Macie, AWS Firewall Manager, AWS Systems Manager Patch Manager, AWS Chatbot, AWS Config, and AWS IAM Access Analyzer. You can also receive and manage findings from over 60 AWS Partner Network (APN) solutions, and continuously monitor your environment using automated security checks based on standards such as AWS Foundational Security Best Practices, the CIS AWS Foundations Benchmark, and the Payment Card Industry Data Security Standard.
You can take action on findings by investigating them in Amazon Detective or sending them to AWS Audit Manager via Security Hub’s automated integrations with those services. You can also use Amazon EventBridge rules to send the findings to ticketing, chat, Security Information and Event Management (SIEM), response and remediation workflows, and incident management tools.