Submit Search
Upload
AWS Security Hub Aggregates Security Data & Checks Compliance
•
1 like
•
1,412 views
AI-enhanced title
Crishantha Nanayakkara
Follow
This was a Tech Talk done at Auxenta (Pvt) Ltd in Aug 2019
Read less
Read more
Engineering
Report
Share
Report
Share
1 of 27
Download now
Download to read offline
Recommended
AWS Security Hub
AWS Security Hub
Amazon Web Services
Hands-on with AWS Security Hub - FND213-R - AWS re:Inforce 2019
Hands-on with AWS Security Hub - FND213-R - AWS re:Inforce 2019
Amazon Web Services
AWS Security Hub Deep Dive
AWS Security Hub Deep Dive
Nagesh Ramamoorthy
Aws config
Aws config
Shagun Rathore
Automating AWS security and compliance
Automating AWS security and compliance
John Varghese
Fundamentals of AWS Security
Fundamentals of AWS Security
Amazon Web Services
AWS IAM Introduction
AWS IAM Introduction
Amazon Web Services
AWS Security Checklist
AWS Security Checklist
Amazon Web Services
Recommended
AWS Security Hub
AWS Security Hub
Amazon Web Services
Hands-on with AWS Security Hub - FND213-R - AWS re:Inforce 2019
Hands-on with AWS Security Hub - FND213-R - AWS re:Inforce 2019
Amazon Web Services
AWS Security Hub Deep Dive
AWS Security Hub Deep Dive
Nagesh Ramamoorthy
Aws config
Aws config
Shagun Rathore
Automating AWS security and compliance
Automating AWS security and compliance
John Varghese
Fundamentals of AWS Security
Fundamentals of AWS Security
Amazon Web Services
AWS IAM Introduction
AWS IAM Introduction
Amazon Web Services
AWS Security Checklist
AWS Security Checklist
Amazon Web Services
AWS Cloud trail
AWS Cloud trail
zekeLabs Technologies
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...
Amazon Web Services
Amazon GuardDuty: Intelligent Threat Detection and Continuous Monitoring to P...
Amazon GuardDuty: Intelligent Threat Detection and Continuous Monitoring to P...
Amazon Web Services
Introduction to AWS Security
Introduction to AWS Security
Amazon Web Services
Introduction to AWS IAM
Introduction to AWS IAM
Knoldus Inc.
Aws IAM
Aws IAM
Chamali Liyanage
AWS Security Best Practices
AWS Security Best Practices
Amazon Web Services
Best Practices for Amazon S3 and Amazon Glacier (STG203-R2) - AWS re:Invent 2018
Best Practices for Amazon S3 and Amazon Glacier (STG203-R2) - AWS re:Invent 2018
Amazon Web Services
Identity and Access Management: The First Step in AWS Security
Identity and Access Management: The First Step in AWS Security
Amazon Web Services
Securityhub
Securityhub
Richard Harvey
Deep dive into AWS IAM
Deep dive into AWS IAM
Amazon Web Services
AWS IAM -- Notes of 20130403 Doc Version
AWS IAM -- Notes of 20130403 Doc Version
Ernest Chiang
Webinar AWS 201 - Using Amazon Virtual Private Cloud (VPC)
Webinar AWS 201 - Using Amazon Virtual Private Cloud (VPC)
Amazon Web Services
How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...
How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...
Amazon Web Services
AWS IAM and security
AWS IAM and security
Erik Paulsson
AWS Security & Compliance
AWS Security & Compliance
Amazon Web Services
Encryption and Key Management in AWS
Encryption and Key Management in AWS
Amazon Web Services
Amazon GuardDuty Lab
Amazon GuardDuty Lab
Amazon Web Services
How to use IAM roles grant access to AWS
How to use IAM roles grant access to AWS
Amazon Web Services
AWS Security by Design
AWS Security by Design
Amazon Web Services
AWS re:Invent 2016: Tips for Passing APN Technical Validations (GPSISV2)
AWS re:Invent 2016: Tips for Passing APN Technical Validations (GPSISV2)
Amazon Web Services
How Splunk and AWS Enabled End-to-End Visibility for PagerDuty and Bolstered ...
How Splunk and AWS Enabled End-to-End Visibility for PagerDuty and Bolstered ...
Amazon Web Services
More Related Content
What's hot
AWS Cloud trail
AWS Cloud trail
zekeLabs Technologies
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...
Amazon Web Services
Amazon GuardDuty: Intelligent Threat Detection and Continuous Monitoring to P...
Amazon GuardDuty: Intelligent Threat Detection and Continuous Monitoring to P...
Amazon Web Services
Introduction to AWS Security
Introduction to AWS Security
Amazon Web Services
Introduction to AWS IAM
Introduction to AWS IAM
Knoldus Inc.
Aws IAM
Aws IAM
Chamali Liyanage
AWS Security Best Practices
AWS Security Best Practices
Amazon Web Services
Best Practices for Amazon S3 and Amazon Glacier (STG203-R2) - AWS re:Invent 2018
Best Practices for Amazon S3 and Amazon Glacier (STG203-R2) - AWS re:Invent 2018
Amazon Web Services
Identity and Access Management: The First Step in AWS Security
Identity and Access Management: The First Step in AWS Security
Amazon Web Services
Securityhub
Securityhub
Richard Harvey
Deep dive into AWS IAM
Deep dive into AWS IAM
Amazon Web Services
AWS IAM -- Notes of 20130403 Doc Version
AWS IAM -- Notes of 20130403 Doc Version
Ernest Chiang
Webinar AWS 201 - Using Amazon Virtual Private Cloud (VPC)
Webinar AWS 201 - Using Amazon Virtual Private Cloud (VPC)
Amazon Web Services
How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...
How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...
Amazon Web Services
AWS IAM and security
AWS IAM and security
Erik Paulsson
AWS Security & Compliance
AWS Security & Compliance
Amazon Web Services
Encryption and Key Management in AWS
Encryption and Key Management in AWS
Amazon Web Services
Amazon GuardDuty Lab
Amazon GuardDuty Lab
Amazon Web Services
How to use IAM roles grant access to AWS
How to use IAM roles grant access to AWS
Amazon Web Services
AWS Security by Design
AWS Security by Design
Amazon Web Services
What's hot
(20)
AWS Cloud trail
AWS Cloud trail
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...
Amazon GuardDuty: Intelligent Threat Detection and Continuous Monitoring to P...
Amazon GuardDuty: Intelligent Threat Detection and Continuous Monitoring to P...
Introduction to AWS Security
Introduction to AWS Security
Introduction to AWS IAM
Introduction to AWS IAM
Aws IAM
Aws IAM
AWS Security Best Practices
AWS Security Best Practices
Best Practices for Amazon S3 and Amazon Glacier (STG203-R2) - AWS re:Invent 2018
Best Practices for Amazon S3 and Amazon Glacier (STG203-R2) - AWS re:Invent 2018
Identity and Access Management: The First Step in AWS Security
Identity and Access Management: The First Step in AWS Security
Securityhub
Securityhub
Deep dive into AWS IAM
Deep dive into AWS IAM
AWS IAM -- Notes of 20130403 Doc Version
AWS IAM -- Notes of 20130403 Doc Version
Webinar AWS 201 - Using Amazon Virtual Private Cloud (VPC)
Webinar AWS 201 - Using Amazon Virtual Private Cloud (VPC)
How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...
How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...
AWS IAM and security
AWS IAM and security
AWS Security & Compliance
AWS Security & Compliance
Encryption and Key Management in AWS
Encryption and Key Management in AWS
Amazon GuardDuty Lab
Amazon GuardDuty Lab
How to use IAM roles grant access to AWS
How to use IAM roles grant access to AWS
AWS Security by Design
AWS Security by Design
Similar to AWS Security Hub Aggregates Security Data & Checks Compliance
AWS re:Invent 2016: Tips for Passing APN Technical Validations (GPSISV2)
AWS re:Invent 2016: Tips for Passing APN Technical Validations (GPSISV2)
Amazon Web Services
How Splunk and AWS Enabled End-to-End Visibility for PagerDuty and Bolstered ...
How Splunk and AWS Enabled End-to-End Visibility for PagerDuty and Bolstered ...
Amazon Web Services
7 Ways to Accelerate Your Enterprise Journey to the Cloud
7 Ways to Accelerate Your Enterprise Journey to the Cloud
Amazon Web Services
Security Hub Forensics & Incident Response
Security Hub Forensics & Incident Response
Christopher Doman
APN Overview and Best Practices for Partnering with AWS
APN Overview and Best Practices for Partnering with AWS
Amazon Web Services
Improving Security Agility using DevSecOps
Improving Security Agility using DevSecOps
Amazon Web Services
F4C AWS partner webinars 29july2016
F4C AWS partner webinars 29july2016
Russell Warne
Journey Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWS
Amazon Web Services
APN Partner Webinar - AWS Marketplace & Test Drive
APN Partner Webinar - AWS Marketplace & Test Drive
Amazon Web Services
3 Scaling Lessons Learned the Hard Way with DuploCloud
3 Scaling Lessons Learned the Hard Way with DuploCloud
saastr
AWS & Infrastructure Hardening - Cloud Infrastructure Security
AWS & Infrastructure Hardening - Cloud Infrastructure Security
Nutanix Beam
How to Build a Threat Detection Strategy in the AWS Cloud
How to Build a Threat Detection Strategy in the AWS Cloud
Joseph Holbrook, Chief Learning Officer (CLO)
2023-09-21_Seminar_Hamar_-_Starte_med_AWS
2023-09-21_Seminar_Hamar_-_Starte_med_AWS
Håkon Eriksen Drange
AWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security Model
Amazon Web Services
securityhub.pdf
securityhub.pdf
Learn2Skills |
Perform a Cloud Readiness Assessment for Your Own Company
Perform a Cloud Readiness Assessment for Your Own Company
Amazon Web Services
AWS Enterprise Summit London | Transforming Your IT with AWS
AWS Enterprise Summit London | Transforming Your IT with AWS
Amazon Web Services
Benefits of Cloud Computing
Benefits of Cloud Computing
Amazon Web Services
How PagerDuty Achieved End-to-End Visibility with Splunk and AWS Webinar Deck
How PagerDuty Achieved End-to-End Visibility with Splunk and AWS Webinar Deck
Amazon Web Services
AWS Meetup - Well-architected Framework (31012017)
AWS Meetup - Well-architected Framework (31012017)
Jamie van Brunschot
Similar to AWS Security Hub Aggregates Security Data & Checks Compliance
(20)
AWS re:Invent 2016: Tips for Passing APN Technical Validations (GPSISV2)
AWS re:Invent 2016: Tips for Passing APN Technical Validations (GPSISV2)
How Splunk and AWS Enabled End-to-End Visibility for PagerDuty and Bolstered ...
How Splunk and AWS Enabled End-to-End Visibility for PagerDuty and Bolstered ...
7 Ways to Accelerate Your Enterprise Journey to the Cloud
7 Ways to Accelerate Your Enterprise Journey to the Cloud
Security Hub Forensics & Incident Response
Security Hub Forensics & Incident Response
APN Overview and Best Practices for Partnering with AWS
APN Overview and Best Practices for Partnering with AWS
Improving Security Agility using DevSecOps
Improving Security Agility using DevSecOps
F4C AWS partner webinars 29july2016
F4C AWS partner webinars 29july2016
Journey Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWS
APN Partner Webinar - AWS Marketplace & Test Drive
APN Partner Webinar - AWS Marketplace & Test Drive
3 Scaling Lessons Learned the Hard Way with DuploCloud
3 Scaling Lessons Learned the Hard Way with DuploCloud
AWS & Infrastructure Hardening - Cloud Infrastructure Security
AWS & Infrastructure Hardening - Cloud Infrastructure Security
How to Build a Threat Detection Strategy in the AWS Cloud
How to Build a Threat Detection Strategy in the AWS Cloud
2023-09-21_Seminar_Hamar_-_Starte_med_AWS
2023-09-21_Seminar_Hamar_-_Starte_med_AWS
AWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security Model
securityhub.pdf
securityhub.pdf
Perform a Cloud Readiness Assessment for Your Own Company
Perform a Cloud Readiness Assessment for Your Own Company
AWS Enterprise Summit London | Transforming Your IT with AWS
AWS Enterprise Summit London | Transforming Your IT with AWS
Benefits of Cloud Computing
Benefits of Cloud Computing
How PagerDuty Achieved End-to-End Visibility with Splunk and AWS Webinar Deck
How PagerDuty Achieved End-to-End Visibility with Splunk and AWS Webinar Deck
AWS Meetup - Well-architected Framework (31012017)
AWS Meetup - Well-architected Framework (31012017)
More from Crishantha Nanayakkara
Sri Lanka Government Enterprise Architecture
Sri Lanka Government Enterprise Architecture
Crishantha Nanayakkara
Application Deployement Strategies
Application Deployement Strategies
Crishantha Nanayakkara
Azure for AWS Developers
Azure for AWS Developers
Crishantha Nanayakkara
Enterprise Integration in Cloud Native Microservices Architectures
Enterprise Integration in Cloud Native Microservices Architectures
Crishantha Nanayakkara
AWS Systems Manager
AWS Systems Manager
Crishantha Nanayakkara
AWS Big Data Landscape
AWS Big Data Landscape
Crishantha Nanayakkara
1BT_Designing_Microservices
1BT_Designing_Microservices
Crishantha Nanayakkara
1BT_Tech_Talk_AWS_Cross_Account_Access
1BT_Tech_Talk_AWS_Cross_Account_Access
Crishantha Nanayakkara
Resiilient Architectures on AWS
Resiilient Architectures on AWS
Crishantha Nanayakkara
Reactive Microservices
Reactive Microservices
Crishantha Nanayakkara
Expectaions in IT industry
Expectaions in IT industry
Crishantha Nanayakkara
Towards Cloud Enabled Data Intensive Digital Transformation
Towards Cloud Enabled Data Intensive Digital Transformation
Crishantha Nanayakkara
Container Architecture
Container Architecture
Crishantha Nanayakkara
Domain Driven Design and Hexagonal Architecture
Domain Driven Design and Hexagonal Architecture
Crishantha Nanayakkara
Microservices
Microservices
Crishantha Nanayakkara
Enterprise architecture in the current e-Government context in Sri Lanka
Enterprise architecture in the current e-Government context in Sri Lanka
Crishantha Nanayakkara
Modern Trends in IT
Modern Trends in IT
Crishantha Nanayakkara
ICTA Meetup 12 - Message Brokers
ICTA Meetup 12 - Message Brokers
Crishantha Nanayakkara
ICTA Meetup 11 - Big Data
ICTA Meetup 11 - Big Data
Crishantha Nanayakkara
Lanka Gate Core Components - Government CIO Workshop Dec 2013
Lanka Gate Core Components - Government CIO Workshop Dec 2013
Crishantha Nanayakkara
More from Crishantha Nanayakkara
(20)
Sri Lanka Government Enterprise Architecture
Sri Lanka Government Enterprise Architecture
Application Deployement Strategies
Application Deployement Strategies
Azure for AWS Developers
Azure for AWS Developers
Enterprise Integration in Cloud Native Microservices Architectures
Enterprise Integration in Cloud Native Microservices Architectures
AWS Systems Manager
AWS Systems Manager
AWS Big Data Landscape
AWS Big Data Landscape
1BT_Designing_Microservices
1BT_Designing_Microservices
1BT_Tech_Talk_AWS_Cross_Account_Access
1BT_Tech_Talk_AWS_Cross_Account_Access
Resiilient Architectures on AWS
Resiilient Architectures on AWS
Reactive Microservices
Reactive Microservices
Expectaions in IT industry
Expectaions in IT industry
Towards Cloud Enabled Data Intensive Digital Transformation
Towards Cloud Enabled Data Intensive Digital Transformation
Container Architecture
Container Architecture
Domain Driven Design and Hexagonal Architecture
Domain Driven Design and Hexagonal Architecture
Microservices
Microservices
Enterprise architecture in the current e-Government context in Sri Lanka
Enterprise architecture in the current e-Government context in Sri Lanka
Modern Trends in IT
Modern Trends in IT
ICTA Meetup 12 - Message Brokers
ICTA Meetup 12 - Message Brokers
ICTA Meetup 11 - Big Data
ICTA Meetup 11 - Big Data
Lanka Gate Core Components - Government CIO Workshop Dec 2013
Lanka Gate Core Components - Government CIO Workshop Dec 2013
Recently uploaded
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
SIVASHANKAR N
main PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfid
NikhilNagaraju
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
ranjana rawat
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
João Esperancinha
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
ranjana rawat
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
slot gacor bisa pakai pulsa
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
ranjana rawat
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur High Profile
Extrusion Processes and Their Limitations
Extrusion Processes and Their Limitations
120cr0395
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Dr.Costas Sachpazis
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Christo Ananth
Roadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and Routes
M Maged Hegazy, LLM, MBA, CCP, P3O
chaitra-1.pptx fake news detection using machine learning
chaitra-1.pptx fake news detection using machine learning
misbanausheenparvam
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur High Profile
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
KurinjimalarL3
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
ranjana rawat
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
RajaP95
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
null - The Open Security Community
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
ranjana rawat
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
ranjana rawat
Recently uploaded
(20)
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
main PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfid
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Extrusion Processes and Their Limitations
Extrusion Processes and Their Limitations
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Roadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and Routes
chaitra-1.pptx fake news detection using machine learning
chaitra-1.pptx fake news detection using machine learning
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
AWS Security Hub Aggregates Security Data & Checks Compliance
1.
By Crishantha Nanayakkara AWS Security Hub Source:
AWS Blogs
2.
Agenda ● What is Security Hub? ● The Need ● The Benefits ● How it works ● Security Hub – Integrations ● Security Hub – Compliance ● Pricing ● Demo
3.
ReInvent 2018 – Security Hub Launch Andy Jassy, AWS
CEO at Re-Invent 2018, Las Vegas Reference: https://www.youtube.com/watch?v=a4l1UCo3YHE
4.
The Competition Azure Security Center
Google Cloud Security Command Center
5.
The Need ● Security Compliance Issues – Which Security compliance is most suited? ● So many security alert formats from different security products – Need to spend a lot of money to get them to a common format, which can be searched and analyzed ● Too many security alerts from so many products and services ● To have a single integrated view for all security alerts
6.
AWS Security Hub provides you with a comprehensive view of your security state in your AWS environment and helps you check your compliance with the security industry standards and best practices. What is Security Hub? Security Hub collects security data from across AWS accounts, services, and supported thirdparty partner products and helps you analyze your security trends and identify the highest priority security issues.
7.
The Benefits ● Reduces the effort to collect and prioritize security findings across accounts from integrated AWS services and AWS partner products. ● Automatically runs continuous, account level configuration and compliance checks based on industry standards such as CIS benchmarking. ● Consolidate your security findings across accounts on to a dashboard. ● Supports integration with CloudWatch events, which lets you automate specific findings by defining custom actions and send them to a ticketing system.
8.
9.
How it works Security Hub aggregates, organizes and prioritizes your security alerts or findings from multiple AWS services such as Amazon GuardDuty, Amazon Inspector and Amazon Macie, as well as from AWS partner solutions (30+)
10.
11.
● AWS GuardDuty: A threat detection service that continuously monitors VPC flow logs, CloudTrail logs and DNS logs. It is an intelligent threat detection service coupled with Lambda functions to take actions. ● AWS Inspector: A security assessment service, which is used to check for application exposures. ● AWS Macie: A security service that uses machine learning to automatically discover, classify, and protect sensitive data in AWS Security Integrations Services
12.
Security Integrations Partners Extended the ecosystem to many security partner products
13.
● AWS Security Hub Findings from AWS Security Services and third party products are possessed by Security Hub using a standard finding format called AWS Security Finding Format (JSON type). ● This basically eliminates the need of any timeconsuming data conversion efforts. ● Then these findings are correlated via Security Hub by some prioritization ● Reference: https://docs.aws.amazon.com/securityhub/latest/userguide/se curityhubfindingsformat.html AWS Security Finding Format
14.
Security Hub Compliance Only one Compliance Guideline (43) – CIS Benchmark
15.
How to get there?
16.
CIS Benchmarks (https://www.cisecurity.org/cisbenchmarks/) Resource: https://www.cisecurity.org/cis-benchmarks/
17.
CIS AWS Benchmark Report V1.20 The checklist has three main parts: IAM, Logging, Monitoring
18.
● The initial Quick Start Guide was created by Accenture in collaboration with AWS. ● Quick Start sets up the following: – AWS Config Rules – CloudWatch Alarms –
CloudWatch Events – Lambda Functions – AWS CloudTrail CIS Quick Start Deployment
19.
CIS Quick Start Deployment Architecture
20.
CIS Quick Start Deployment (The Prerequisites) Requires AWS CloudTrail and AWS Config to be enabled in all AWS Regions
21.
AWS Config ● AWS Config provides a detailed view of the configurations of AWS resources in an AWS account.
22.
AWS CloudTrail ● AWS Best Practice: Having the “trail” in a single region
23.
CIS Quick Start Deployment (The Steps) ● Once login to the AWS console, select the region you want to run the compliance. ● Move to “CloudFormation” on the console. ● Select the CloudFormation Template from: The original version is in: https://github.com/awsquickstart/quickstartcompliancecisbench mark
24.
CIS Quick Start Deployment (The Steps) ● If all go well, check Cloudwatch console for the events and Logs. ● You could see a separate set of events, alarms, filters and lambda functions are installed on your setup. ● These will basically set up the CIS compliance for you!!
25.
CIS Quick Start Deployment (The Steps) ● If all go well, check Cloudwatch console for the events and Logs. ● You could see a separate set of events, alarms, filters and lambda functions are installed on your setup. ● These will basically set up the CIS compliance for you!!
26.
References ● CIS Quick Start Compliance Git (Original): https://github.com/awsquickstart/quickstartcompliancecisbenchmark ● CIS Benchmark Template Git (Modified): https://github.com/cnanayakkara/cisbenchmarktemplate ● AWS Control Tower and Security Hub: https://aws.amazon.com/blogs/enterprisestrategy/awscontroltoweranda wssecurityhubpowerfulenterprisetwins/ ● AWS ReInforce 2019: https://www.youtube.com/watch?v=HsWtPG_rTak&t=1034s ● AWS Security Hub – User Guide : https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub.pd f ● AWS CIS Quick Start Reference Deployment: https://awsquickstart.s3.amazonaws.com/quickstartcompliancecisbenc hmark/doc/cisbenchmarkontheawscloud.pdf
27.
Thank YouThank You Auxenta YouTube Channel: Auxenta YouTube Channel: Auxenta 360Auxenta 360 Auxenta VLOGS: Auxenta VLOGS: http://auxenta.com/vlog.phphttp://auxenta.com/vlog.php
Download now