AWS Security Hub provides security alerts and compliance information related to Amazon Web Service accounts, services, and supported third-party partner products. It aggregates, organizes, and prioritizes security alerts, or findings, from multiple AWS services, such as Amazon GuardDuty and Amazon Cloudwatch. Amazon Cloudwatch is native to AWS Security Hub and has event rules that allows prioritization and grouping findings into tickets or automated remediation systems. GuardDuty is a managed threat detection service that uses machine learning to safeguard critical AWS accounts and services from malicious activity and other security threats. It monitors and logs activity within the AWS environment, provides recommendations for remediation and assigns severity to those issues. GuardDuty offers seamless integration with AWS Cloudwatch events and Lambda to provide automated remediation plans.
With the AWS Security Hub integration with Archer, organizations can standardize the findings from all these sources eliminating the need to convert the data for analysis. It allows organizations to automatically import data from AWS Security Hub directly into Archer. Organizations will have visibility into the AWS Security Hub findings and can analyze the data to prioritize security alerts that impact the organization the most. They can report on their findings and update AWS Security Hub from Archer.
The AWS Security Hub integration enables organizations to:
Capture and prioritize security findings across AWS services and partner offerings
Generate findings from AWS accounts and services into a centralized location
Configuration and compliance checks to identify accounts or resources that require attention
Automate threat detection service to monitor AWS accounts for potential malicious activity and vulnerabilities
To learn more about this offering, please contact your Account Rep for additional details. For technical support questions regarding this offering, please open a support case or contact Archer at firstname.lastname@example.org for more information.