Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

Skip to main content

AWS Solutions Library

Automated Security Response on AWS

Resolve common security threats and improve your security posture

View implementation guide

Overview

Automated Security Response on AWS is an AWS Solution that enhances AWS Security Hub by automatically addressing common security issues across your organization's AWS environment. When Security Hub identifies a potential security concern, this solution initiates pre-defined responses to resolve the issue efficiently. It also operates across multiple AWS accounts for comprehensive security coverage. This solution logs all actions taken, sends notifications to your relevant parties, and can integrate with your existing ticketing services. By automating the remediation of your Security Hub findings, you can maintain a strong security posture with reduced manual effort, aligning with industry best practices and compliance standards while streamlining your overall security management process.

Benefits

Initiate remediations and findings using custom actions in the Security Hub console.
Configure AWS Foundations Benchmarks or AWS Foundational Security Best Practices.
Deploy a predefined set of response and remediation actions to respond to threats automatically.
Extend this solution with custom remediation and playbook implementations. Or, deploy a custom playbook for a new set of controls.

How it works

You can automatically deploy this architecture using the implementation guide and the accompanying AWS CloudFormation template.

Open implementation guide

About this deployment

Version: 2.2.1
Released: 1/2025
Author: AWS
Est. deployment time: 30 mins
Estimated cost: See details

Deploy with confidence

Everything you need to launch this AWS Solution in your account is right here

We'll walk you through it

Get started fast. Read the implementation guide for deployment steps, architecture details, cost information, and customization options.

Open guide

Let's make it happen

Ready to deploy? Open the CloudFormation template in the AWS Console to begin setting up the infrastructure you need. You'll be prompted to access your AWS account if you haven't yet logged in.

Admin stack
Member accounts stack
Member roles stack

Related content

Case Study: TUI

Global travel company TUI Group improved security control management by using Automated Security Response on AWS to automate security management across its AWS landscape.

Read the full case study

Case Study: AvalonBay

AvalonBay Communities Inc. migrated to a serverless architecture on AWS, accelerating development by 75 percent while reducing costs by 40 percent and maintaining strong security.

Read the full case study

Getting Started with AWS Security, Identity, and Compliance

This course provides an overview of AWS security technology, use cases, benefits, and services.

Enroll now

AWS Certified Security - Specialty

This exam tests your technical expertise in securing the AWS platform. This is for anyone in an experienced security role.

Schedule your exam

Video

Intuit uses an AWS Solution to automate Security Hub remediations

Watch the video

Video

Solving with AWS Solutions: Intuit automates Security Hub remediations

Watch the video