Posted On: Jun 13, 2023
AWS Security Hub, a cloud security posture management service that performs security best practice checks, aggregates alerts, and facilitates automated remediation, now features a capability to automatically update or suppress findings in near-real time. You can now use automation rules to automatically update various fields in findings, suppress findings, update finding severity and workflow status, add notes, and more.
From the Security Hub console, navigate to the Automations tab to create a new automation rule. There, you can create a custom rule from scratch, or create one based on rule templates that can help you get started. You can define specific criteria that would automatically evaluate against incoming findings and set actions to change finding fields, reducing finding volume and time to remediation.
Available globally, Security Hub is designed to give you a comprehensive view of your security posture across your AWS resources. With Security Hub, you have a single place that aggregates, organizes, and prioritizes your security alerts, or findings, from multiple AWS services and over 65 AWS Partner Network (APN) solutions. You can also continuously monitor your environment using automated security checks based on industry best-practice standards.
You can try Security Hub for 30 days at no cost with a single step in the AWS Management Console. Consult the user guide to learn more about working with Security Hub findings and other features and capabilities, and stay up to date with to Security Hub announcements with Amazon Simple Notification Service.