AWS Announces General Availability of AWS Security Hub
June 2019 by Marc Jacob
Amazon Web Services Inc., an Amazon.com company announced the general availability of AWS Security Hub, a service that gives customers a central place to manage security and compliance across an AWS environment. AWS Security Hub aggregates, organizes, and prioritizes security alerts – called findings – from AWS services such as Amazon GuardDuty, Amazon Inspector, and Amazon Macie, and from a large and growing list of AWS Partner Network (APN) solutions. Customers can also run automated, continuous compliance checks based on industry standards and best practices, helping to identify specific accounts and resources that require attention. AWS Security Hub brings all of this information together in one place, providing a comprehensive view of a customer’s overall security and compliance status visually summarized on integrated dashboards with actionable graphs and tables. There are no upfront commitments required to use AWS Security Hub, and customers pay only for the compliance checks performed and security findings ingested, with no charge for the first 10,000 security finding events each month.
Enterprises today use a broad array of AWS and third-party tools to secure their environments. These tools are effective but they also generate many findings – all viewable in different consoles and dashboards. Many customers use a patchwork set of custom-built solutions to manage and monitor compliance across distributed accounts and workloads. To understand their overall security and compliance state, customers must either manually pivot between all these tools or invest in developing complex systems to aggregate and analyze the findings. This makes it challenging for security teams to centralize their security findings, prioritize the events that matter most, and ensure that accounts and workloads are operating in a compliant manner.
With AWS Security Hub, customers can quickly see their entire AWS security and compliance state in one place. AWS Security Hub collects and aggregates findings from the security services running in a customer’s environment, such as intrusion detection findings from Amazon GuardDuty, vulnerability scan results from Amazon Inspector, sensitive data identifications from Amazon Macie, and findings generated by a wide portfolio of security tools from APN partners. The service then correlates findings across providers to prioritize the most important information, highlight trends, and identify resources that may require attention. Customers can also continuously monitor their environment with automated configuration and compliance checks based on industry standards and best practices, such as Center for Internet Security (CIS) AWS Foundations Benchmark. If these checks identify any accounts or resources that deviate from a best practice, AWS Security Hub flags the problem and recommends remediation steps. AWS Security Hub gives security teams the visibility they need to prioritize work and improve their security and compliance state by centralizing their most important information in one easy-to-manage place.
“AWS Security Hub is the glue that connects what AWS and our security partners do to help customers manage and reduce risk,” said Dan Plastina, Vice President for External Security Services at AWS. “By combining automated compliance checks, the aggregation of findings from more than 30 different AWS and partner sources, and partner-enabled response and remediation workflows, AWS Security Hub gives customers a simple way to unify management of their security and compliance.”
AWS Security Hub ingests data from different sources using a standard findings format, eliminating the need for time-consuming data conversion efforts. Amazon CloudWatch and AWS Lambda integrations allow customers to execute automated remediation actions based on specific types of findings. Customers can also integrate AWS Security Hub with their automation workflows and third-party tools like ticketing, chat, and Security Information and Event Management (SIEM) systems to quickly take action on issues. Leading providers, including Alert Logic, Armor, Atlassian, Barracuda, Check Point (CloudGuard Dome9 and CloudGuard IaaS), Cloud Custodian, CrowdStrike, CyberArk, F5, GuardiCore, IBM, McAfee, PagerDuty, Palo Alto Networks (Demisto, RedLock, and VM-Series), Qualys, Rapid7 (VMInsight and InsightConnect), ServiceNow, Slack, Splunk (Splunk Enterprise and Phantom), Sophos, Sumo Logic, Symantec, Tenable, Turbot, and Twistlock have built integrations with AWS Security Hub, with many new integrations to be added regularly. Customers can try AWS Security Hub at no additional charge with a 30-day free trial. AWS Security Hub is available today in US East (Ohio), US East (N. Virginia), US West (N. California), US West (Oregon), Canada (Central), Asia Pacific (Mumbai), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Europe (Frankfurt), Europe (Ireland), Europe (London), Europe (Paris), and South America (Sao Paulo), with additional regions coming soon.
With nearly 19 million customers worldwide, GoDaddy is the place people come to name their idea, build a professional website, attract customers, and manage their work.
The Pokemon International Company manages one of the most popular children’s entertainment properties in the world. “The Pokemon International Company faces a wide variety of regulations and compliance requirements that govern how our AWS workloads must be managed,” said Jacob Bornemann, Senior Information Security Engineer. “We were considering building out our own compliance rules for the CIS AWS Foundations Benchmark, but AWS Security Hub made it simple to activate these compliance checks automatically.”
Rackspace delivers modern IT as a service, helping customers in more than 150 countries drive business results with technology. “Our joint customers with AWS look to Rackspace to provide them always-on managed security services to protect their AWS workloads”, said Brian Jawalka, Senior Director of Rackspace Managed Services for AWS. “AWS Security Hub provides us with a simple and streamlined approach to consolidate all of our AWS customer’s security and compliance issues into a standardized format and route those issues to our Rackspace-powered response and remediation processes.”
Today’s leading media companies use Frame.io to streamline their video review and collaboration process with teammates, clients and a variety of other stakeholders.
PagerDuty is a leader in digital operations management, empowering organizations of all sizes with real-time and data-driven insights to drive better business results. “Through our integration with AWS Security Hub, we’re able to reduce the friction for our customers when taking action on security and compliance findings,” said Jonathan Rende, SVP for Product and Marketing. “With a couple clicks, our AWS customers can now integrate Security Hub and PagerDuty to orchestrate the routing of findings to security analysts and developers alike when automating response actions, making it easier than ever to initiate and manage remediation.”