SlideShare a Scribd company logo

AWS Security Hub

Crishantha Nanayakkara, profile picture
Crishantha Nanayakkara

AWS Security Hub provides a single place to manage security alerts and compliance checks across AWS accounts and services. It integrates findings from AWS services like GuardDuty, Inspector, and Macie as well as many third-party security products. These findings are normalized into a standard format and prioritized. Security Hub also allows users to check compliance with the CIS Benchmark security standard through automated configuration and compliance checks.

Engineering
Related topics:
Cloud Security Insights
1 of 27
Downloaded 37 times
1
2
3
4
Most read
5
6
7
Most read
8
9
10
11
12
13
14
Most read
15
16
17
18
19
20
21
22
23
24
25
26
27
By Crishantha Nanayakkara AWS Security Hub Source: AWS Blogs
Agenda ● What is Security Hub? ● The Need  ● The Benefits  ● How it works ● Security Hub – Integrations ● Security Hub – Compliance ● Pricing ● Demo
Re­Invent 2018 – Security Hub Launch Andy Jassy, AWS CEO at Re-Invent 2018, Las Vegas Reference: https://www.youtube.com/watch?v=a4l1UCo3YHE
The Competition Azure Security Center Google Cloud Security Command Center
The Need ● Security Compliance Issues – Which Security  compliance is most suited? ● So many security alert formats from different  security products – Need to spend a lot of money to  get them to a common format, which can be searched  and analyzed ● Too many security alerts from so many products and  services ● To have a single integrated view for all security  alerts
AWS Security Hub provides you with a comprehensive  view of your security state in your AWS environment and  helps you check your compliance with the security  industry standards and best practices. What is Security Hub? Security Hub collects security data from across AWS  accounts, services, and supported third­party partner  products and helps you analyze your security trends and  identify the highest priority security issues.
The Benefits ● Reduces the effort to collect and prioritize security  findings across accounts from integrated AWS services  and AWS partner products. ● Automatically runs continuous, account level  configuration and compliance checks based on  industry standards such as CIS benchmarking.  ● Consolidate your security findings across accounts on   to a dashboard. ● Supports integration with CloudWatch events, which  lets you automate specific findings by defining custom  actions and send them to a ticketing system.
AWS Security Hub
How it works Security Hub aggregates, organizes and prioritizes your  security alerts or findings from multiple AWS services such as  Amazon GuardDuty, Amazon Inspector and Amazon Macie,  as well as from AWS partner solutions (30+)
AWS Security Hub
● AWS GuardDuty: A threat detection service that continuously  monitors VPC flow logs, CloudTrail logs and DNS logs. It is an  intelligent threat detection service coupled with Lambda  functions to take actions. ● AWS Inspector: A security assessment service, which is used  to check for application exposures.  ● AWS Macie: A security service that uses machine learning to  automatically discover, classify, and protect sensitive data in  AWS Security Integrations ­ Services
Security Integrations ­ Partners Extended the ecosystem to many security partner products
● AWS Security Hub Findings from AWS Security Services and  third party products are possessed by Security Hub using a  standard finding format called AWS Security Finding Format  (JSON type).  ● This basically eliminates the need of any time­consuming data  conversion efforts. ● Then these findings are correlated via Security Hub by some  prioritization    ● Reference:  https://docs.aws.amazon.com/securityhub/latest/userguide/se curityhub­findings­format.html   AWS Security Finding Format
Security Hub ­ Compliance Only one Compliance Guideline (43) – CIS Benchmark
How to get there?
CIS Benchmarks (https://www.cisecurity.org/cis­benchmarks/) Resource: https://www.cisecurity.org/cis-benchmarks/
CIS AWS Benchmark Report V1.20 The checklist has three  main parts:   IAM, Logging, Monitoring
● The initial Quick Start Guide was created by  Accenture in collaboration with AWS. ● Quick Start sets up the following: – AWS Config Rules – CloudWatch Alarms – CloudWatch Events – Lambda Functions – AWS CloudTrail CIS Quick Start Deployment
CIS Quick Start Deployment  Architecture
CIS Quick Start Deployment (The Prerequisites) Requires AWS CloudTrail and AWS Config  to be enabled in all AWS Regions
AWS Config ● AWS Config provides a detailed view of the  configurations of AWS resources in an AWS account. 
AWS CloudTrail ● AWS Best Practice: Having the “trail” in a single  region
CIS Quick Start Deployment (The Steps) ● Once login to the AWS console, select the region you  want to run the compliance. ● Move to “CloudFormation” on the console. ● Select the CloudFormation Template from:  The original version is in:  https://github.com/aws­quickstart/quickstart­compliance­cis­bench mark
CIS Quick Start Deployment (The Steps) ● If all go well, check Cloudwatch console for the  events and Logs. ● You could see a separate set of events, alarms, filters  and lambda functions are installed on your setup.  ● These will basically set up the CIS compliance for  you!!
CIS Quick Start Deployment (The Steps) ● If all go well, check Cloudwatch console for the  events and Logs. ● You could see a separate set of events, alarms, filters  and lambda functions are installed on your setup.  ● These will basically set up the CIS compliance for  you!!
References ● CIS Quick Start Compliance Git (Original):  https://github.com/aws­quickstart/quickstart­compliance­cis­benchmark ● CIS Benchmark Template Git (Modified):  https://github.com/cnanayakkara/cis­benchmark­template  ● AWS Control Tower and Security Hub:  https://aws.amazon.com/blogs/enterprise­strategy/aws­control­tower­and­a ws­security­hub­powerful­enterprise­twins/ ● AWS Re­Inforce 2019:  https://www.youtube.com/watch?v=HsWtPG_rTak&t=1034s  ● AWS Security Hub – User Guide :  https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub.pd f ● AWS CIS Quick Start Reference Deployment:  https://aws­quickstart.s3.amazonaws.com/quickstart­compliance­cis­benc hmark/doc/cis­benchmark­on­the­aws­cloud.pdf  
Thank YouThank You Auxenta YouTube Channel: Auxenta YouTube Channel: Auxenta 360Auxenta 360 Auxenta VLOGS: Auxenta VLOGS: http://auxenta.com/vlog.phphttp://auxenta.com/vlog.php

More Related Content

PPTX
AWS core services
Nagesh Ramamoorthy
 
PPTX
AWS Monitoring & Logging
Jason Poley
 
PDF
AWS Systems Manager
Crishantha Nanayakkara
 
PDF
Amazon CloudWatch Tutorial | AWS Certification | Cloud Monitoring Tools | AWS...
Edureka!
 
PPTX
Aws config
Shagun Rathore
 
PDF
AWS IAM -- Notes of 20130403 Doc Version
Ernest Chiang
 
PDF
Amazon EC2 notes.pdf
yididya3
 
PPTX
AWS Cloud trail
zekeLabs Technologies
 
AWS core services
Nagesh Ramamoorthy
 
AWS Monitoring & Logging
Jason Poley
 
AWS Systems Manager
Crishantha Nanayakkara
 
Amazon CloudWatch Tutorial | AWS Certification | Cloud Monitoring Tools | AWS...
Edureka!
 
Aws config
Shagun Rathore
 
AWS IAM -- Notes of 20130403 Doc Version
Ernest Chiang
 
Amazon EC2 notes.pdf
yididya3
 
AWS Cloud trail
zekeLabs Technologies
 

What's hot (20)

PPTX
Securityhub
Richard Harvey
 
PDF
Azure fundamentals
Alexandre BERGERE
 
PDF
Azure governance v4.0
Marcos Oikawa
 
PDF
Building an Enterprise-Grade Azure Governance Model
Karl Ots
 
PPTX
AWS VPC & Networking basic concepts
Abhinav Kumar
 
PDF
AWS Control Tower
CloudHesive
 
PDF
AWS Tutorial | AWS Certified Solutions Architect | Amazon AWS | AWS Training ...
Edureka!
 
PPTX
Azure Identity and access management
Dinusha Kumarasiri
 
PDF
[Azure Governance] Lesson 4 : Azure Policy
☁ Hicham KADIRI ☁
 
PDF
TechnicalTerraformLandingZones121120229238.pdf
MIlton788007
 
PDF
Azure Security Overview
David J Rosenthal
 
PDF
Azure 101
Korry Lavoie
 
PPTX
AWS Security Hub Deep Dive
Nagesh Ramamoorthy
 
PPTX
Microsoft Azure - Introduction
Pranav Ainavolu
 
PDF
Azure Monitoring Overview
gjuljo
 
PPTX
CAF presentation 09 16-2020
Michael Nichols
 
PPTX
PPT Azure Firewall vs 3rd Party NVA Comparison v1.0.pptx
FadhilMuhammad80
 
PPTX
Azure
Kiran Bavariya
 
PDF
Microsoft Azure Active Directory
David J Rosenthal
 
PDF
Azure cloud migration simplified
Girlo
 
Securityhub
Richard Harvey
 
Azure fundamentals
Alexandre BERGERE
 
Azure governance v4.0
Marcos Oikawa
 
Building an Enterprise-Grade Azure Governance Model
Karl Ots
 
AWS VPC & Networking basic concepts
Abhinav Kumar
 
AWS Control Tower
CloudHesive
 
AWS Tutorial | AWS Certified Solutions Architect | Amazon AWS | AWS Training ...
Edureka!
 
Azure Identity and access management
Dinusha Kumarasiri
 
[Azure Governance] Lesson 4 : Azure Policy
☁ Hicham KADIRI ☁
 
TechnicalTerraformLandingZones121120229238.pdf
MIlton788007
 
Azure Security Overview
David J Rosenthal
 
Azure 101
Korry Lavoie
 
AWS Security Hub Deep Dive
Nagesh Ramamoorthy
 
Microsoft Azure - Introduction
Pranav Ainavolu
 
Azure Monitoring Overview
gjuljo
 
CAF presentation 09 16-2020
Michael Nichols
 
PPT Azure Firewall vs 3rd Party NVA Comparison v1.0.pptx
FadhilMuhammad80
 
Azure
Kiran Bavariya
 
Microsoft Azure Active Directory
David J Rosenthal
 
Azure cloud migration simplified
Girlo
 
Ad

Similar to AWS Security Hub (20)

PPTX
Unravelling Cloud Security Posture Management using AWS Security Hub
Ankit Rao
 
PDF
securityhub.pdf
Learn2Skills |
 
PPTX
AWS User Group - Security & Compliance
Satish Kumar Natarajan
 
PDF
1. aws security and compliance wwps pre-day sao paolo - markry
Amazon Web Services LATAM
 
PPTX
AWS Landing Zone - Architecting Security and Governance.pptx
Akesh Patil
 
PDF
Security @ (Cloud) Scale Deep Dive
Kristana Kane
 
PDF
AWS Community Day 2022 Mahak Patil_Case Study_ Security Hub in FinTech
AWS Chicago
 
PPTX
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
Alert Logic
 
PPTX
Blue Chip Tek Connect and Protect Presentation #3
Kimberly Macias
 
PDF
The AWS Shared Responsibility Model in Practice
Alert Logic
 
PDF
Oas un llamado a la accion para proteger a ciudadanos-Sector Privado y Gobi...
Marcela Cárdenas Hidalgo
 
PDF
Oas un llamado a la accion
Marcela Cárdenas Hidalgo
 
PDF
AWS Enterprise Summit - 클라우드에서의 보안 - 양승도
Amazon Web Services Korea
 
PPTX
Automating AWS security and compliance
John Varghese
 
PPTX
Evident.io corp overview
Mark Marquiss
 
PDF
The AWS Shared Responsibility Model: Presented by Amazon Web Services
Alert Logic
 
PDF
AWS Webinar CZSK 02 Bezpecnost v AWS cloudu
Vladimir Simek
 
PDF
AWS - Security & Compliance
Amazon Web Services LATAM
 
PDF
AWS Cloud Governance & Security through Automation - Atlanta AWS Builders
James Strong
 
PPTX
How to prepare for & respond to security incidents in your AWS environment
Nathan Case
 
Unravelling Cloud Security Posture Management using AWS Security Hub
Ankit Rao
 
securityhub.pdf
Learn2Skills |
 
AWS User Group - Security & Compliance
Satish Kumar Natarajan
 
1. aws security and compliance wwps pre-day sao paolo - markry
Amazon Web Services LATAM
 
AWS Landing Zone - Architecting Security and Governance.pptx
Akesh Patil
 
Security @ (Cloud) Scale Deep Dive
Kristana Kane
 
AWS Community Day 2022 Mahak Patil_Case Study_ Security Hub in FinTech
AWS Chicago
 
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
Alert Logic
 
Blue Chip Tek Connect and Protect Presentation #3
Kimberly Macias
 
The AWS Shared Responsibility Model in Practice
Alert Logic
 
Oas un llamado a la accion para proteger a ciudadanos-Sector Privado y Gobi...
Marcela Cárdenas Hidalgo
 
Oas un llamado a la accion
Marcela Cárdenas Hidalgo
 
AWS Enterprise Summit - 클라우드에서의 보안 - 양승도
Amazon Web Services Korea
 
Automating AWS security and compliance
John Varghese
 
Evident.io corp overview
Mark Marquiss
 
The AWS Shared Responsibility Model: Presented by Amazon Web Services
Alert Logic
 
AWS Webinar CZSK 02 Bezpecnost v AWS cloudu
Vladimir Simek
 
AWS - Security & Compliance
Amazon Web Services LATAM
 
AWS Cloud Governance & Security through Automation - Atlanta AWS Builders
James Strong
 
How to prepare for & respond to security incidents in your AWS environment
Nathan Case
 
Ad

More from Crishantha Nanayakkara (20)

PDF
Sri Lanka Government Enterprise Architecture
Crishantha Nanayakkara
 
PDF
Application Deployement Strategies
Crishantha Nanayakkara
 
PDF
Azure for AWS Developers
Crishantha Nanayakkara
 
PDF
Enterprise Integration in Cloud Native Microservices Architectures
Crishantha Nanayakkara
 
PDF
AWS Big Data Landscape
Crishantha Nanayakkara
 
PDF
1BT_Designing_Microservices
Crishantha Nanayakkara
 
PDF
1BT_Tech_Talk_AWS_Cross_Account_Access
Crishantha Nanayakkara
 
PDF
Resiilient Architectures on AWS
Crishantha Nanayakkara
 
PDF
Reactive Microservices
Crishantha Nanayakkara
 
PDF
Expectaions in IT industry
Crishantha Nanayakkara
 
PDF
Towards Cloud Enabled Data Intensive Digital Transformation
Crishantha Nanayakkara
 
PDF
Container Architecture
Crishantha Nanayakkara
 
PDF
Domain Driven Design and Hexagonal Architecture
Crishantha Nanayakkara
 
PDF
Microservices
Crishantha Nanayakkara
 
PDF
Enterprise architecture in the current e-Government context in Sri Lanka
Crishantha Nanayakkara
 
PDF
Modern Trends in IT
Crishantha Nanayakkara
 
PDF
ICTA Meetup 12 - Message Brokers
Crishantha Nanayakkara
 
PDF
ICTA Meetup 11 - Big Data
Crishantha Nanayakkara
 
PDF
Lanka Gate Core Components - Government CIO Workshop Dec 2013
Crishantha Nanayakkara
 
PDF
ICTA Technology Meetup 06 - Enterprise Application Design Patterns
Crishantha Nanayakkara
 
Sri Lanka Government Enterprise Architecture
Crishantha Nanayakkara
 
Application Deployement Strategies
Crishantha Nanayakkara
 
Azure for AWS Developers
Crishantha Nanayakkara
 
Enterprise Integration in Cloud Native Microservices Architectures
Crishantha Nanayakkara
 
AWS Big Data Landscape
Crishantha Nanayakkara
 
1BT_Designing_Microservices
Crishantha Nanayakkara
 
1BT_Tech_Talk_AWS_Cross_Account_Access
Crishantha Nanayakkara
 
Resiilient Architectures on AWS
Crishantha Nanayakkara
 
Reactive Microservices
Crishantha Nanayakkara
 
Expectaions in IT industry
Crishantha Nanayakkara
 
Towards Cloud Enabled Data Intensive Digital Transformation
Crishantha Nanayakkara
 
Container Architecture
Crishantha Nanayakkara
 
Domain Driven Design and Hexagonal Architecture
Crishantha Nanayakkara
 
Microservices
Crishantha Nanayakkara
 
Enterprise architecture in the current e-Government context in Sri Lanka
Crishantha Nanayakkara
 
Modern Trends in IT
Crishantha Nanayakkara
 
ICTA Meetup 12 - Message Brokers
Crishantha Nanayakkara
 
ICTA Meetup 11 - Big Data
Crishantha Nanayakkara
 
Lanka Gate Core Components - Government CIO Workshop Dec 2013
Crishantha Nanayakkara
 
ICTA Technology Meetup 06 - Enterprise Application Design Patterns
Crishantha Nanayakkara
 

Recently uploaded (20)

PPTX
Strings in CPP - Strings in C++ are sequences of characters used to store and...
sangeethamtech26
 
PPTX
Sustainable Sites - Green Building Construction
mhdumerali
 
DOCX
ASol_English-Language-Literature-Set-1-27-02-2023-converted.docx
AYUSHMANAV
 
PPTX
UNIT-1 - COAL BASED THERMAL POWER PLANTS
Chandra Kumar S
 
PPTX
Lesson 3_Tessellation.pptx finite Mathematics
quakeplayz54
 
PPTX
bas. eng. economics group 4 presentation 1.pptx
kiribakimoses1993
 
PDF
PRIZ Academy - 9 Windows Thinking Where to Invest Today to Win Tomorrow.pdf
PRIZ Guru
 
PDF
SM_6th-Sem__Cse_Internet-of-Things.pdf IOT
smceramu
 
PDF
BMEC211 - INTRODUCTION TO MECHATRONICS-1.pdf
ryankakungu
 
PDF
Digital Logic Computer Design lecture notes
CHINNASUNKAIAH1
 
PPTX
web development for engineering and engineering
keshriji700
 
PDF
keyrequirementskkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk
mojeeburahmanwardak
 
PPTX
MCN 401 KTU-2019-PPE KITS-MODULE 2.pptx
VinayB68
 
PPTX
Recipes for Real Time Voice AI WebRTC, SLMs and Open Source Software.pptx
Alberto González Trastoy
 
PPTX
Geodesy 1.pptx...............................................
abhi1361yadav
 
PPTX
UNIT 4 Total Quality Management .pptx
gokuld13012005
 
PPTX
Lecture Notes Electrical Wiring System Components
eedgecbhojpur
 
PPTX
Welding lecture in detail for understanding
sahilpoonia10
 
PPTX
CARTOGRAPHY AND GEOINFORMATION VISUALIZATION chapter1 NPTE (2).pptx
abhi1361yadav
 
PPTX
Engineering Ethics, Safety and Environment [Autosaved] (1).pptx
MehrabTaseenTalukder
 
Strings in CPP - Strings in C++ are sequences of characters used to store and...
sangeethamtech26
 
Sustainable Sites - Green Building Construction
mhdumerali
 
ASol_English-Language-Literature-Set-1-27-02-2023-converted.docx
AYUSHMANAV
 
UNIT-1 - COAL BASED THERMAL POWER PLANTS
Chandra Kumar S
 
Lesson 3_Tessellation.pptx finite Mathematics
quakeplayz54
 
bas. eng. economics group 4 presentation 1.pptx
kiribakimoses1993
 
PRIZ Academy - 9 Windows Thinking Where to Invest Today to Win Tomorrow.pdf
PRIZ Guru
 
SM_6th-Sem__Cse_Internet-of-Things.pdf IOT
smceramu
 
BMEC211 - INTRODUCTION TO MECHATRONICS-1.pdf
ryankakungu
 
Digital Logic Computer Design lecture notes
CHINNASUNKAIAH1
 
web development for engineering and engineering
keshriji700
 
keyrequirementskkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk
mojeeburahmanwardak
 
MCN 401 KTU-2019-PPE KITS-MODULE 2.pptx
VinayB68
 
Recipes for Real Time Voice AI WebRTC, SLMs and Open Source Software.pptx
Alberto González Trastoy
 
Geodesy 1.pptx...............................................
abhi1361yadav
 
UNIT 4 Total Quality Management .pptx
gokuld13012005
 
Lecture Notes Electrical Wiring System Components
eedgecbhojpur
 
Welding lecture in detail for understanding
sahilpoonia10
 
CARTOGRAPHY AND GEOINFORMATION VISUALIZATION chapter1 NPTE (2).pptx
abhi1361yadav
 
Engineering Ethics, Safety and Environment [Autosaved] (1).pptx
MehrabTaseenTalukder
 

AWS Security Hub