Security Experts:

Connect with us

Hi, what are you looking for?


Application Security

AWS Security Hub Aggregates Alerts From Third-Party Tools

Amazon Web Services on Wednesday announced the launch of AWS Security Hub, a service designed to aggregate and prioritize alerts from AWS and third-party security tools.

Amazon Web Services on Wednesday announced the launch of AWS Security Hub, a service designed to aggregate and prioritize alerts from AWS and third-party security tools.

Unveiled at the AWS re:Invent 2018 conference, AWS Security Hub provides organizations a comprehensive view of their security status by consuming, aggregating, organizing and prioritizing data from Amazon GuardDuty, Amazon Inspector, Amazon Macie, and tools from AWS partners.

A significant number of cybersecurity firms announced on Wednesday that their products can be integrated with the AWS Security Hub, including CrowdStrike, Twistlock, Tenable, Armor, McAfee, Splunk, Check Point, Palo Alto Networks, Alert Logic, Qualys, Sophos, Trend Micro, Sumo Logic and Fortinet. Each of these companies issued statements, press releases and blog posts regarding the partnership with AWS.

AWS Security Hub, currently in preview release, not only collects data from other tools, but also generates its own findings based on automated and continuous compliance checks.

The service helps users prioritize findings and consolidates them into actionable tables and graphs, allowing security teams to quickly take action. Findings can be forwarded to email, ticketing, chat, and automated remediation systems.

AWS Security Hub

“The service ingests data using a standard findings format, eliminating the need for time-consuming data conversion efforts. It then correlates findings across providers to prioritize the most important findings,” AWS explained.

“With Security Hub, you can run automated, continuous account-level configuration and compliance checks based on industry standards and best practices, such as the Center for Internet Security (CIS) AWS Foundations Benchmark. These checks provide a compliance score and identify specific accounts and resources that require attention,” the company said.

The Security Hub can be accessed through the AWS Management Console, specifically the Amazon Inspector console, or the Security Hub HTTPS API.

Related: AWS Adds New Feature for Preventing Data Leaks

Related: Amazon Introduces AWS Security Specialty Certification Exam

Related: AWS Launches New Tools for Firewalls, Certificates, Credentials

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...