News

AWS Security Hub Emerges from Preview, Now Generally Available

AWS Security Hub, a one-stop shop for users to monitor and manage security alerts and compliance information coming from a range of cloud services, has graduated from preview status, becoming generally available.

AWS announced the tool in preview last December, in the wake of a bevy of security breaches affecting customers who didn't configure their Amazon S3 storage buckets correctly. While not the fault of the AWS platform, the company seemingly stepped up its security initiatives, previously adding controls to block public access to S3 storage buckets, for just one example among several other initiatives.

The new AWS Security Hub will no doubt sharpen users' focus on security and help them to get a handle on wide-ranging security aspects.

"With Security Hub, you now have a single place that aggregates, organizes, and prioritizes your security alerts, or findings, from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, and Amazon Macie, as well as from AWS Partner solutions," the hub's site says.

All that data is presented in integrated dashboards that feature graphs and tables that users can interact with. The tool also lets users automatically monitor their cloud environments, checking on compliance according to the AWS best practices and organization-specific industry standards.

How AWS Security Hub Works
[Click on image for larger view.] How AWS Security Hub Works (source: AWS)

Brandon West, a developer at Amazon Web Services Inc., dove into the details of the Hub in a June 24 blog post, getting into the nitty-gritty, hands-on aspects of integrations, custom actions and more.

"It works across AWS accounts and integrates with many AWS services and third-party products," West said. "You can also use the Security Hub API to create your own integrations."

He offered up these "important notes":

  • AWS Config must be enabled for Security Hub compliance checks to run.
  • AWS Security Hub is available in 15 regions: US East (N. Virginia), US East (Ohio), US West (Oregon), US West (N. California), Canada (Central), South America (São Paulo), Europe (Ireland), Europe (London), Europe (Paris), Europe (Frankfurt), Asia Pacific (Singapore), Asia Pacific (Tokyo), Asia Pacific (Sydney), Asia Pacific (Seoul), and Asia Pacific (Mumbai).
  • AWS Security Hub does not transfer data outside of the regions where it was generated. Data is not consolidated across multiple regions.

"AWS Security Hub is already the type of service that I'll enable on the majority of the AWS accounts I operate," West concluded. "As more compliance standards become available this year, I expect it will become a standard tool in many toolboxes. A 30-day free trial is available so you can try it out and get an estimate of what your costs would be. As always, we want to hear your feedback and understand how you're using AWS Security Hub. Stay in touch, and happy building!"

About the Author

David Ramel is the editor of Visual Studio Magazine.

Featured