Posted On: Nov 27, 2023

Today, Amazon Web Services Inc. (AWS) announces new metadata enrichment for findings aggregated in AWS Security Hub that allow you to better contextualize, prioritize, and take action on your security findings. This enrichment adds resource tags, a new AWS application tag, and account name information to every finding ingested into Security Hub, including findings from AWS security services such as Amazon GuardDuty, Amazon Inspector, and AWS IAM Access Analyzer, as well as a large and growing list of AWS Partner Network (APN) solutions.

Cloud security teams use Security Hub as their single pane of glass to centralize their security operations. Now, Security Hub consistently enriches all its findings with resource tags, a new AWS application tag, and account name as the findings are ingested. This new finding enrichment in Security Hub eliminates the need to build data enrichment pipelines or manually enrich metadata of security findings. It also makes it easier to fine-tune findings for automation rules, search or filter findings and insights, and assess security posture status by application in Security Hub widgets, and in related AWS applications.

The full feature is now available in all AWS Regions where Security Hub is available, excluding the AWS GovCloud (US) Regions and AWS China Regions. You can also access the feature in the AWS GovCloud (US) Regions and China Regions with only resource tags enrichment.

To learn more, try Security Hub free for 30 days on the AWS Free Tier, and consult the Security Hub finding enrichment documentation.