AWS Security Hub Integration

Document created by Christine Tran Employee on Apr 14, 2020Last modified by Susan Read-Miller on May 20, 2020
Version 10Show Document
  • View in full screen mode

 

AWS Security Hub provides security alerts and compliance information related to Amazon Web Service accounts, services, and supported third-party partner products. It aggregates, organizes, and prioritizes security alerts, or findings, from multiple AWS services, such as Amazon GuardDuty and Amazon Cloudwatch. Amazon Cloudwatch is native to AWS Security Hub and has event rules that allows prioritization and grouping findings into tickets or automated remediation systems. GuardDuty is a managed threat detection service that uses machine learning to safeguard critical AWS accounts and services from malicious activity and other security threats. It monitors and logs activity within the AWS environment, provides recommendations for remediation and assigns severity to those issues. GuardDuty offers seamless integration with AWS Cloudwatch events and Lambda to provide automated remediation plans.

 

With the AWS Security Hub integration with RSA Archer, organizations can standardize the findings from all these sources eliminating the need to convert the data for analysis. It allows organizations to automatically import data from AWS Security Hub directly into RSA Archer. Organizations will have visibility into the AWS Security Hub findings and can analyze the data to prioritize security alerts that impact the organization the most. They can report on their findings and update AWS Security Hub from RSA Archer.

 

Integration Features

The AWS Security Hub integration enables organizations to:

  • Capture and prioritize security findings across AWS services and partner offerings
  • Generate findings from AWS accounts and services into a centralized location
  • Configuration and compliance checks to identify accounts or resources that require attention
  • Automate threat detection service to monitor AWS accounts for potential malicious activity and vulnerabilities

 

Solution and Platform Information


For More Information

To learn more about the AWS Security Hub certified integration:

 

For Additional Support

 

To learn more about this offering, please contact your Account Rep for additional details. For technical support questions regarding this offering, please open a support case or contact RSA Archer at archersupport@rsa.com for more information. 

Attachments

    Outcomes