Posted On: Jun 7, 2022
AWS Security Hub now automatically receives AWS Config managed and custom rule evaluation results as security findings. AWS Config allows security and compliance professionals to assess, audit, and evaluate the configurations of their AWS resources via Config rules, which evaluate the compliance of AWS resources against specified policies. Examples of resource misconfigurations detected by Config rules include publicly-accessible Amazon S3 buckets, unencrypted EBS volumes, and overly-permissive IAM policies. When a Config rule evaluation passes or fails, you will now see a ‘passed’ or ‘failed’ finding for that evaluation in Security Hub. Any updates to the status of the Config rule evaluation will be automatically updated in the Security Hub finding. This new integration between Security Hub and AWS Config expands the centralization and single pane of glass experience by consolidating your Config evaluation results alongside your other security findings, allowing you to more easily search, triage, investigate, and take action on your security findings.
Available globally, AWS Security Hub gives you a comprehensive view of your security posture across your AWS accounts. With Security Hub, you now have a single place that aggregates, organizes, and prioritizes your security alerts, or findings, from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, Amazon Macie, AWS Firewall Manager, and AWS IAM Access Analyzer, as well as from over 65 AWS Partner Network (APN) solutions. You can also continuously monitor your environment using automated security checks based on standards, such as AWS Foundational Security Best Practices, the CIS AWS Foundations Benchmark, and the Payment Card Industry Data Security Standard. You can also take action on these findings by investigating findings in Amazon Detective and by using Amazon CloudWatch Event rules to send the findings to ticketing, chat, Security Information and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), and incident management tools or to custom remediation playbooks.
You can enable your 30-day free trial of AWS Security Hub with a single-click in the AWS Management console. Please see the AWS Regions page for all the regions where AWS Security Hub is available. To learn more about AWS Security Hub capabilities, see the AWS Security Hub documentation, and to start your 30-day free trial see the AWS Security Hub free trial page.