aws security hub · aws certificate manager a w s c o n tr o l t o w e r a w s s e rv ic e c a ta...
TRANSCRIPT
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Maggie Krummel – [email protected]
09/11/2020
AWS Security HubAutomated compliance checks and security alert prioritization
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Agenda
Security Hub Overview
Customer Use Cases
Demo
Key Takeaways
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Security and Compliance Challenges
Backlog of
Compliance
requirements
ComplexitySignal to
Noise RatioLack of an
Integrated View
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS Security Hub Overview
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Some of Our Current Customers
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Use Case 1: Centralized Security and Compliance
Workspace
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Use Case 2: Centralized Routing to a SIEM
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Use Case 3: Dashboard for Account Owners
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS Security Hub Information Flows
And more to come…
Plus dozens of others…
Plus dozens of others…
Remediation Actions
Findings
Taking Action Partners
Plus many others…
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Firewalls
Vulnerability
MSSP
Endpoint
Compliance
Other
“Taking Action”
AWS
Security Hub
Amazon
CloudWatch
Events
Partners forwarding findings into AWS Security Hub
Amazon
GuardDutyAmazon
Inspector
Amazon
Macie
SIEM
SOAR
Other
Partner Integrations
AWS
Firewall
Manager
IAM
Access
Analzer
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Demo
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Free Trial
• Security Hub provides a 30-day free trial for all AWS accounts and
regions.
• You can view an estimate by navigating from the Security Hub
console to Settings, then Usage
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Key Takeaways
Automatically evaluate your compliance against key standards with one-click,
frictionless enablement
Centralize all of your findings via the AWS Security Finding Format without the
need to parse and normalize them
Prioritize findings using insights for efficient response and remediation
Take action on findings automatically or semi-automatically using CloudWatch
Events
View and understand your security and compliance state in one place across all of
your accounts
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Additional Resources
Best Practices Blog: https://aws.amazon.com/blogs/security/nine-aws-security-hub-best-practices/
Remediation Blog: https://aws.amazon.com/blogs/security/automated-response-and-remediation-with-aws-security-hub/
AWS Security Hub Workshop: https://security-hub-workshop.awssecworkshops.com/
User Guide: https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Questions
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
The AWS Security Services Ecosystem
Protect Detect Respond
Automate
Investigate
RecoverIdentify
AWS
Systems Manager
AWS Config
AWS Lambda
Amazon CloudWatch
Amazon
InspectorAmazon
Macie
Amazon
GuardDuty
AWS
Security Hub
AWS IoT Device
Defender
KMSIAM
AWS Single
Sign-On
Snapshot ArchiveAWS
CloudTrailAmazon
CloudWatch
Amazon VPC
AWS WAF
AWS Shield
AWS Secrets
Manager
AWS Firewall Manager
AWS
Organizations
Personal
Health Dashboard
Amazon Route 53
AWS Direct
Connect
AWS Transit Gateway
Amazon VPC
PrivateLink
AWS Step Functions
Amazon Cloud
Directory
AWS CloudHSM
AWS Certificate Manager
AWS
Control Tower
AWS
Service Catalog
AWS Well-
Architected Tool
AWS
Trusted Advisor
Resource Access
manager
AWS Directory Service
AmazonCognito
Amazon S3
Glacier
AWS
Security Hub
AWS
Systems Manager