Study Guides/AWS Cybersecurity Notes/AWS Security Hub: Difference between revisions
From Cramsession
Jump to navigationJump to search
✍️ Verified Author: Mflavell • Click to view professional profile & credentials
| Line 61: | Line 61: | ||
:: This data refresheshes security hub in alomost realtime | :: This data refresheshes security hub in alomost realtime | ||
== Standards / Contoles and Checks == | |||
When enabling you are asked to select a security standard. | |||
Some of these are: | |||
::* AWS securirty bes practices | |||
::* CIS AWS Foundations benchmarks | |||
::* NIST 800-53 | |||
::* PCIDSS | |||
Revision as of 20:13, 25 May 2026
AWS Security Hub
This consolidates the security findings compliance and alerts.
This includes:
- AWS IAM
- Macie
- Guard Duty
- Inspector
- Firewall Manager
Third party tools:
- AWS Security hub can be intergrated to work with many 3rd party applications.
Think of security hub as a central point for a comprehehsive picture of security
By default security hub is a regional service.
- Member and master accounts can be setup.
- Securty hub administrator is the core account
- Security hub member are the leaf accounts
Compliance use case
Security hub can be used for automated compiance checks.
Out of the box Security Hub performes 43 fully automated checks.
- They checks are based on the CIS foundations framework.
Security hub looks at configutation and use at the account level.
AWS config: looks at the resource level.
HUB = High level
Hub depends on config
To enable AWS hub you must first have AWS Config enabled.
- Baseloine infomration for hub comes from AWS Config
- This data refresheshes security hub in alomost realtime
Standards / Contoles and Checks
When enabling you are asked to select a security standard.
Some of these are:
- AWS securirty bes practices
- CIS AWS Foundations benchmarks
- NIST 800-53
- PCIDSS
