Posted On: Sep 30, 2020

AWS Security Hub is now integrated with Alcide, Blue Hexagon, Palo Alto Networks VM-Series, and RSA Archer. Vectra AI’s Cognito integration with Security Hub is now available in AWS GovCloud (US). This brings the total number of AWS and partner product integrations available in Security Hub to 55. Further, KPMG is now certified as Security Hub’s first consulting partner. To learn more, visit the Integration pages in the Security Hub console and click on the "Configuration" link for the partner to learn more about the integration and how to set it up.  

Alcide sends Kubernetes-related threat detections and policy violations to Security Hub. Blue Hexagon integrates with Amazon VPC Traffic Mirroring to detect potential network threats and sends those to Security Hub. Palo Alto Network’s VM-Series is a virtual firewall that ingests findings from Security Hub and extracts Indicators of Compromise (IoCs) from those findings to update firewall rules. RSA Archer is a risk management tool that ingests findings from Security Hub to help customers with compliance use cases and to take action on findings. Vectra AI’s Cognito platform also integrates with Amazon VPC Traffic Mirroring to detect potential network threats and sends those to Security Hub.

KPMG is Security Hub’s first consulting partner, and their certified AWS specialists can help you initially configure your Security Hub implementation and further optimize it with custom response and remediation logic.

AWS Security Hub is available globally and gives you a comprehensive view of your security posture across your AWS accounts. With Security Hub, you now have a single place that aggregates, organizes, and prioritizes your security alerts, or findings, from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, Amazon Macie, AWS Firewall Manager, and AWS IAM Access Analyzer, as well as from over 45 AWS Partner solutions. You can also continuously monitor your environment using automated security checks based on standards, such as AWS Foundational Security Best Practices, the CIS AWS Foundations Benchmark, and the Payment Card Industry Data Security Standard. You can also take action on these findings by investigating findings in Amazon Detective, by using Amazon CloudWatch Event rules to send the findings to ticketing, chat, Security Information and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), and incident management tools, or by using your custom remediation playbooks.  

You can enable your 30-day free trial of AWS Security Hub with a single-click in the AWS Management console. Please see the AWS Regions page for all the regions where AWS Security Hub is available. To learn more about AWS Security Hub capabilities, see the AWS Security Hub documentation, and to start your 30-day free trial see the AWS Security Hub free trial page.