AWS Partner Network (APN) Blog

Tag: AWS Security Hub

Automated Cloud Network Threat Detection and Response with Blue Hexagon and AWS

VPC traffic mirroring and VPC ingress routing are powerful AWS networking primitives to monitor network traffic in your VPC at the packet level. With Blue Hexagon’s next-gen Network Detection and Response (NG-NDR) security tool for AWS, which is powered by real-time deep learning, you can detect threats in network headers and payloads in less than a second. The additional AWS Security Hub integration enables you to trigger a rich action space of remediation and response.


Monitoring Your Palo Alto Networks VM-Series Firewall with a Syslog Sidecar

By hosting a Palo Alto Networks VM-Series firewall in an Amazon VPC, you can use AWS native cloud services—such as Amazon CloudWatch, Amazon Kinesis Data Streams, and AWS Lambda—to monitor your firewall for changes in configuration. This post explains why that’s desirable and walks you through the steps required to do it. You now have a way to monitor your Palo Alto Networks firewall that is very similar to how you monitor your AWS environment with AWS Config.


Maximizing the Value of Your Cloud-Enabled Enterprise Data Lake by Tracking Critical Metrics

Successful data lake implementations can serve a corporation well for years. Accenture, an APN Premier Consulting Partner, recently had an engagement with a Fortune 500 company that wanted to optimize its AWS data lake implementation. As part of the engagement, Accenture moved the customer to better-suited services and developed metrics to closely monitor the health of its overall environment in the cloud.


Enabling Seamless Security and Compliance with Sumo Logic and AWS Security Hub

AWS Security Hub gives you a comprehensive view of your high-priority security alerts and compliance status across AWS accounts. The service also aggregates security events—called findings—from specific AWS security services while supporting third-party finding providers such as Sumo Logic. Learn how Sumo Logic’s integration with AWS Security Hub works and how to leverage it to address your goals.


How to Integrate AWS Security Hub Custom Actions with PagerDuty

AWS Security Hub is a great way to get visibility into your security profile for all your AWS accounts. PagerDuty gives you the ability to display, triage, and investigate events within your organization. When used together, Security Hub and PagerDuty give you the ability to have full visibility and response to the security events happening in your AWS accounts. I invite you to explore PagerDuty and Security Hub further and see what you can do to build out your own integrations.


How to Enable Custom Actions in AWS Security Hub

AWS Security Hub’s Custom Actions allow you to initiate responsive actions against findings selected through the console. Your workflow benefits from these defined actions, reducing the dwell time to investigate and remediate findings in Security Hub. We introduce the process of creating Custom Actions with two examples: (1) sending findings to email; and (2) sending findings to Slack. This post will help you understand the process to create your own Custom Actions for utilization in Security Operations playbooks.
