Posted On: Feb 24, 2023
AWS announces the availability of a new Controls view and Consolidated Control Findings in AWS Security Hub. The new controls page shows all security controls in one place, along with their compliance status and a summary of passed and failed security checks. You can use this view to identify misconfigurations based on severity and number of failed resources, to improve your overall security score, and to configure each control across all standards in a single action. This release also includes a matching set of APIs to obtain, list, and update security controls across all your security standards.
Consolidated Control Findings allows you to consolidate findings between standards. Prior to this release, Security Hub generated one finding for every security standard even if controls in different standards were evaluated using the same check. Now, when you turn on Consolidated Control Findings, Security Hub will generate a new consolidated finding for every check and archive the original findings. Activating this feature will help simplify how you triage, investigate, and remediate findings, as you will no longer have multiple copies of findings that refer to the same misconfiguration. If you use the Security Hub integration with AWS Organizations or have invited member accounts through a manual invitation process, consolidated control findings is turned on for the member accounts only if the admin has turned it on. This applies to new and existing member accounts and helps you maintain consistency across the accounts you manage.
The new capabilities are now available in all Regions where Security Hub is available, with the exception of AWS GovCloud (US).
For more information about how to prepare for the new capabilities, visit Impact of consolidation on ASFF fields and values. For more information about how to turn on consolidated control findings, visit Generating and updating control findings. To learn more about other Security Hub capabilities, visit the Security Hub documentation, and to start your 30-day free trial visit the Security Hub free trial page.
To receive announcements about new AWS Security Hub features, subscribe to the AWS Security Hub SNS topic in your preferred Region.