News

New AWS Security Hub Shows Alerts, Compliance Info

• By David Ramel
• 12/06/2018

There's a new one-stop shop for users to monitor and manage security alerts and compliance information coming from a range of services on the Amazon Web Services Inc. (AWS) cloud.

The cloud giant last week announced a preview of its new AWS Security Hub, designed to provide a central location to manage security alerts and automate compliance checks.

In the wake of a bevy of security breaches affecting customers who didn't configure their Amazon S3 storage buckets correctly, AWS seems to have stepped up its security initiatives, just recently adding controls to block public access to S3 storage buckets, for just one example.

Now, the new preview offering provides a more convenient place to monitor alerts that might be generated from AWS Partner solutions or other AWS services such as: Amazon GuardDuty (threat detection); Amazon Inspector (automated security assessment service); and Amazon Macie (a security service that uses machine learning to automatically discover, classify, and protect sensitive data in AWS).

The service uses a standard finding format to collect the data, obviating the need for data conversion between systems, and automatically correlates findings from different providers to prioritize the most important items.

"Integrated dashboards bring together your security findings across accounts to show you the current security and compliance status," the company said in a blog post. "Now you can easily spot trends, identify potential issues, and take the necessary next steps. For example, you can send findings to ticketing, chat, email, or automated remediation systems using integration with Amazon CloudWatch Events."

While it's in preview, the tool will be free to use.