AWS Security Hub

Introduction

AWS security hub provides you with a comprehensive view of the security posture of your AWS environment and helps you check your environment against industry recognized security standards and best practices. It reduces the effort to collect and prioritize security findings across accounts, also it can automatically run continuous, account-level scans on configuration and security checks based on the AWS security best practices.

What we are going to cover

We will cover how to use AWS security Hub and a step by step guide for analysing the findings and take actions.

Requirements

Before we enable AWS security hub, we need to enable AWS Foundational security Best Practices standard in the accounts. Also we need to enable AWS config and start configuration recording. Once enabled head to security Hub

Steps to audit

  • On the first screen you will seee the security standards which needs to be enabled, choos the default ones and click on Enable Security Hub AWS Security Hub

  • Once we enable the security hub, we will see the summary page. AWS Security Hub

  • Head over to the Security Standards page and observe the security score as per the standards we have enabled earlier AWS Security Hub

Aditional references

AWS Security Hub

PreviousProwler for AWSNextCapture The Flag

Last updated