AWS Security Hub is available globally. For a complete list of regions where AWS Security Hub is offered, see AWS Regions. AWS Security Hub is priced along two dimensions. The dimensions are based on the quantity of compliance checks and the quantity of finding ingestion events.
Compliance checks: AWS Security provides customers with prepackaged compliance standards, such as the CIS AWS Foundations Benchmark. Security Hub automatically evaluates each security control in a compliance standard via compliance checks. Compliance checks are charged per number of checks per account per region.
AWS Security Hub compliance checks leverage configuration items recorded by AWS Config. AWS Config is required for these compliance checks, and configuration items are priced separately from Security Hub. Security Hub customers are not charged separately for any Config rules enabled by Security Hub.
Finding ingestion events: AWS Security Hub ingests findings from various AWS services and from partner products. Finding ingestion events include both ingesting new findings and ingesting updates to existing findings. Finding ingestion events associated with Security Hub's compliance checks are not charged. Finding ingestion events are charged per number of events per account per region.
Free Trial
30-DAY TRIAL PERIOD
You can try AWS Security Hub at no additional charge with a 30-day free trial. The free trial enables you to get the full Security Hub feature set and compliance checks over the 30-day period. The free trial will provide you an estimate of your monthly bill.
Pricing details
Pricing examples (monthly)
Example 1: Small to medium organization
Monthly Charges =
1000 * $0.0010 (first 100,000 checks/account/region/month)
+ (1000 * $0) (first 10,000 events/account/region/month)
= $1 per month
$1 (per month)
Example 2: Large organization
Pricing dimensions:
• 2 regions, 5 accounts
• 100,000 compliance checks per account/region/month
• 100,000 finding ingestion events per account/region/month
Monthly Charges =
100,000 * $0.0010 * 5 * 2 (first 100,000 checks/account/region/month)
+ 10,000 * $0 (first 10,000 events/account/region/month)
+ 90,000 * $0.00003 * 5 * 2 (over 10,000 events/account/region/month)
= $1000 + $0 + $27
= $1027 per month
$1027 (per month)
Example 3: Very large organization
Pricing dimensions:
• 3 regions, 10 accounts
• 1,000,000 compliance checks per account/region/month
• 1,000,000 finding ingestion events per account/region/month
Monthly Charges =
100,000 * $0.0010 * 10 * 3 (first 100,000 checks/account/region/month)
+ 400,000 * $0.0008 * 10 * 3 (next 400,000 checks/account/region/month)
+ 500,000 * $0.0005 * 10 * 3 (over 500,000 checks/account/region/month)
+ 10,000 * $0 (first 10,000 events/account/region/month)
+ 990,000 * $0.00003 * 10 * 3 (over 10,000 events/account/region/month)
= $3000 + $9600 + $7500 + $0 + $891
= $20,991 per month
$20,991 (per month)
Additional pricing resources
Calculate your total cost of ownership (TCO)
Easily calculator your monthly costs with AWS
Additional resources for switching to AWS
Security Hub offers aggregated findings across AWS services and partner solutions, pre-configured and custom security insights, and multi-account support.
