Posted On: Nov 27, 2023

Today, AWS announces new capabilities in AWS Security Hub that allow security teams to centrally enable and configure Security Hub standards and controls across accounts and Regions in just a few steps. This enhancement is designed to streamline and simplify how you set up and administer Security Hub in your multi-account, multi-Region organizations. You can now use Security Hub central configuration to address gaps in your security coverage by creating security policies with your desired standards and controls and applying them in selected Regions across accounts and Organizational Units (OUs). 

The new capabilities in Security Hub help significantly reduce the effort required to globally manage Security Hub and ensure that your organization’s accounts have the desired security coverage. Organization administrators can now set the Security Hub delegated administrator (DA) for all Regions at once, and then view and configure the cloud security posture management capabilities, such as standards and controls, for all or some accounts globally, without needing to update them account-by-account and Region-by-Region. With central configuration, you can use the DA account as a single pane of glass for your security findings—and also for your organization’s configurations in Security Hub.

The new capabilities are now available in all AWS Regions where Security Hub is available, excluding the AWS GovCloud (US) Regions and AWS China Regions. 

To get started, consult the following resources: