AWS Security Blog

Category: AWS Security Hub

How to deploy the AWS Solution for Security Hub Automated Response and Remediation

In this blog post I show you how to deploy the Amazon Web Services (AWS) Solution for Security Hub Automated Response and Remediation. The first installment of this series was about how to create playbooks using Amazon CloudWatch Events, AWS Lambda functions, and AWS Security Hub custom actions that you can run manually based on […]

Read More

Aligning IAM policies to user personas for AWS Security Hub

AWS Security Hub provides you with a comprehensive view of your security posture across your accounts in Amazon Web Services (AWS) and gives you the ability to take action on your high-priority security alerts. There are several different user personas that use Security Hub, and they typically require different AWS Identity and Access Management (IAM) […]

Read More

Integrating AWS CloudFormation security tests with AWS Security Hub and AWS CodeBuild reports

The concept of infrastructure as code, by using pipelines for continuous integration and delivery, is fundamental for the development of cloud infrastructure. Including code quality and vulnerability scans in the pipeline is essential for the security of this infrastructure as code. In one of our previous posts, How to build a CI/CD pipeline for container […]

Read More

Monitoring AWS Certificate Manager Private CA with AWS Security Hub

Certificates are a vital part of any security infrastructure because they allow a company’s internal or external facing products, like websites and devices, to be trusted. To deploy certificates successfully and at scale, you need to set up a certificate authority hierarchy that provisions and issues certificates. You also need to monitor this hierarchy closely, […]

Read More

How to build a CI/CD pipeline for container vulnerability scanning with Trivy and AWS Security Hub

In this post, I’ll show you how to build a continuous integration and continuous delivery (CI/CD) pipeline using AWS Developer Tools, as well as Aqua Security‘s open source container vulnerability scanner, Trivy. You’ll build two Docker images, one with vulnerabilities and one without, to learn the capabilities of Trivy and how to send all vulnerability […]

Read More

Enabling AWS Security Hub integration with AWS Chatbot

October 6, 2020: The code for sending your findings to Slack, and one image, have been updated in this blog post. In this post, we show you how to configure AWS Chatbot to send findings from AWS Security Hub to Slack. Security Hub gives you a comprehensive view of your security high-priority alerts and security […]

Read More

AWS Foundational Security Best Practices standard now available in Security Hub

AWS Security Hub offers a new security standard, AWS Foundational Security Best Practices This week AWS Security Hub launched a new security standard called AWS Foundational Security Best Practices. This standard implements security controls that detect when your AWS accounts and deployed resources do not align with the security best practices defined by AWS security […]

Read More

Continuous compliance monitoring with Chef InSpec and AWS Security Hub

In this post, I will show you how to run a Chef InSpec scan with AWS Systems Manager and Systems Manager Run Command across your managed instances. InSpec is an open-source runtime framework that lets you create human-readable profiles to define security, compliance, and policy requirements and then test your Amazon Elastic Compute Cloud (Amazon […]

Read More

How to use the AWS Security Hub PCI DSS v3.2.1 standard

On February 13, 2020, AWS added partial support for the Payment Card Industry Data Security Standard (PCI DSS) version 3.2.1 requirements to AWS Security Hub. This update enables you to validate a subset of PCI DSS’s requirements and helps with ongoing PCI DSS security activities by conducting continuous and automated checks. The new Security Hub […]

Read More

Automated Response and Remediation with AWS Security Hub

November 19, 2020: AWS has an updated solution for implementing the automated response and remediation across multiple accounts. Please refer to the updated post on How to deploy the AWS Solution for Security Hub Automated Response and Remediation. AWS Security Hub is a service that gives you aggregated visibility into your security and compliance status […]

Read More