A Single Pane of Glass for Compliance and Security with the Now General Available AWS Security Hub
Recently, Amazon announced the general availability (GA) of AWS Security Hub, a new security service that provides customers with a central place to manage security and compliance across their AWS environment.
At the AWS re:Invent 2018 in Vegas, Amazon unveiled AWS Security Hub for the first time to the public as a solution to:
Ensure an AWS infrastructure meets compliance requirements
Handle multiple formats of findings from various security tools
Manage a large volume of alerts and the ability to prioritize them,
Provide a single pane of glass across security and compliance tools
With AWS Security Hub, customers will have a comprehensive view of their high-priority security alerts and compliance status across AWS accounts. Dan Plastina, vice president for External Security Services at AWS, said in a press release:
By using AWS Security Hub, customers can centrally organize, aggregate, and prioritize their security alerts, or findings, from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, Amazon Macie, and an extensive growing list of AWS Partner Network (APN) solutions.
Furthermore, any findings are visually summarized on integrated dashboards with actionable graphs and tables. Also, customers can continuously monitor their environment using automated compliance checks based on the AWS best practices and industry standards they follow.
When enabling AWS Security Hub, permissions are automatically created via IAM service-linked roles, and the automated compliance checks start straight away for the AWS infrastructure. Currently, the first compliance available for the service is the Center for Internet Security (CIS) AWS Foundations Benchmark with more to follow later this year. Next, the results of the compliance checks are findings – each telling the user, the severity of the issue, which system reported it, which resources it affects, and various other metadata.
Subsequently, a user can group findings into insights using aggregation statements and filters.
With the GA release of AWS Security Hub together with the simultaneous GA release of AWS Control Tower, Amazon aims to simplify setting up, securing and monitoring AWS cloud environments for corporate customers. The public cloud provider is looking to bounce away from similar services on other cloud platforms such as Microsoft’s Azure Security Center and the Google Cloud Security Command Center. Furthermore, next to pricing, issues like ease of deployment and security are among the most common concerns for companies when they want to put more workloads in the cloud.
AWS Security Hub is currently available in the:
America regions – US East (Ohio), US East (N. Virginia), US West (N. California), US West (Oregon), Canada (Central) and South America (Sao Paulo).
Asia Pacific regions – Asia Pacific (Mumbai), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), and Asia Pacific (Tokyo).
Europe regions – Europe (Frankfurt), Europe (Ireland), Europe (London), and Europe (Paris).
Furthermore, Amazon will be adding more regions soon.
Lastly, there are upfront commitments required to use AWS Security Hub, and customers will pay only for the compliance checks performed and security findings ingested – with no charge for the first 10,000 security finding events each month. The pricing details for AWS Security Hub are available on the pricing page.