Upload File

aws security hub · aws certificate manager a w s c o n tr o l t o w e r a w s s e rv ic e c a ta...

  • Home
  • Documents
  • AWS Security Hub · AWS Certificate Manager A W S C o n tr o l T o w e r A W S S e rv ic e C a ta lo g A W S W e ll-A rc h ite c te d T o o l A W S T r u s te d A d v is o r Resource
16
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Maggie Krummel [email protected] 09/11/2020 AWS Security Hub Automated compliance checks and security alert prioritization

Upload: others

Post on 03-Oct-2020

0 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: AWS Security Hub · AWS Certificate Manager A W S C o n tr o l T o w e r A W S S e rv ic e C a ta lo g A W S W e ll-A rc h ite c te d T o o l A W S T r u s te d A d v is o r Resource

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Maggie Krummel – [email protected]

09/11/2020

AWS Security HubAutomated compliance checks and security alert prioritization

Page 2: AWS Security Hub · AWS Certificate Manager A W S C o n tr o l T o w e r A W S S e rv ic e C a ta lo g A W S W e ll-A rc h ite c te d T o o l A W S T r u s te d A d v is o r Resource

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Agenda

Security Hub Overview

Customer Use Cases

Demo

Key Takeaways

Page 3: AWS Security Hub · AWS Certificate Manager A W S C o n tr o l T o w e r A W S S e rv ic e C a ta lo g A W S W e ll-A rc h ite c te d T o o l A W S T r u s te d A d v is o r Resource

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Security and Compliance Challenges

Backlog of

Compliance

requirements

ComplexitySignal to

Noise RatioLack of an

Integrated View

Page 4: AWS Security Hub · AWS Certificate Manager A W S C o n tr o l T o w e r A W S S e rv ic e C a ta lo g A W S W e ll-A rc h ite c te d T o o l A W S T r u s te d A d v is o r Resource

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

AWS Security Hub Overview

Page 5: AWS Security Hub · AWS Certificate Manager A W S C o n tr o l T o w e r A W S S e rv ic e C a ta lo g A W S W e ll-A rc h ite c te d T o o l A W S T r u s te d A d v is o r Resource

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Some of Our Current Customers

Page 6: AWS Security Hub · AWS Certificate Manager A W S C o n tr o l T o w e r A W S S e rv ic e C a ta lo g A W S W e ll-A rc h ite c te d T o o l A W S T r u s te d A d v is o r Resource

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Use Case 1: Centralized Security and Compliance

Workspace

Page 7: AWS Security Hub · AWS Certificate Manager A W S C o n tr o l T o w e r A W S S e rv ic e C a ta lo g A W S W e ll-A rc h ite c te d T o o l A W S T r u s te d A d v is o r Resource

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Use Case 2: Centralized Routing to a SIEM

Page 8: AWS Security Hub · AWS Certificate Manager A W S C o n tr o l T o w e r A W S S e rv ic e C a ta lo g A W S W e ll-A rc h ite c te d T o o l A W S T r u s te d A d v is o r Resource

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Use Case 3: Dashboard for Account Owners

Page 9: AWS Security Hub · AWS Certificate Manager A W S C o n tr o l T o w e r A W S S e rv ic e C a ta lo g A W S W e ll-A rc h ite c te d T o o l A W S T r u s te d A d v is o r Resource

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

AWS Security Hub Information Flows

And more to come…

Plus dozens of others…

Plus dozens of others…

Remediation Actions

Findings

Taking Action Partners

Plus many others…

Page 10: AWS Security Hub · AWS Certificate Manager A W S C o n tr o l T o w e r A W S S e rv ic e C a ta lo g A W S W e ll-A rc h ite c te d T o o l A W S T r u s te d A d v is o r Resource

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Firewalls

Vulnerability

MSSP

Endpoint

Compliance

Other

“Taking Action”

AWS

Security Hub

Amazon

CloudWatch

Events

Partners forwarding findings into AWS Security Hub

Amazon

GuardDutyAmazon

Inspector

Amazon

Macie

SIEM

SOAR

Other

Partner Integrations

AWS

Firewall

Manager

IAM

Access

Analzer

Page 11: AWS Security Hub · AWS Certificate Manager A W S C o n tr o l T o w e r A W S S e rv ic e C a ta lo g A W S W e ll-A rc h ite c te d T o o l A W S T r u s te d A d v is o r Resource

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Demo

Page 12: AWS Security Hub · AWS Certificate Manager A W S C o n tr o l T o w e r A W S S e rv ic e C a ta lo g A W S W e ll-A rc h ite c te d T o o l A W S T r u s te d A d v is o r Resource

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Free Trial

• Security Hub provides a 30-day free trial for all AWS accounts and

regions.

• You can view an estimate by navigating from the Security Hub

console to Settings, then Usage

Page 13: AWS Security Hub · AWS Certificate Manager A W S C o n tr o l T o w e r A W S S e rv ic e C a ta lo g A W S W e ll-A rc h ite c te d T o o l A W S T r u s te d A d v is o r Resource

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Key Takeaways

Automatically evaluate your compliance against key standards with one-click,

frictionless enablement

Centralize all of your findings via the AWS Security Finding Format without the

need to parse and normalize them

Prioritize findings using insights for efficient response and remediation

Take action on findings automatically or semi-automatically using CloudWatch

Events

View and understand your security and compliance state in one place across all of

your accounts

Page 14: AWS Security Hub · AWS Certificate Manager A W S C o n tr o l T o w e r A W S S e rv ic e C a ta lo g A W S W e ll-A rc h ite c te d T o o l A W S T r u s te d A d v is o r Resource

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Additional Resources

Best Practices Blog: https://aws.amazon.com/blogs/security/nine-aws-security-hub-best-practices/

Remediation Blog: https://aws.amazon.com/blogs/security/automated-response-and-remediation-with-aws-security-hub/

AWS Security Hub Workshop: https://security-hub-workshop.awssecworkshops.com/

User Guide: https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html

https://aws.amazon.com/blogs/security/nine-aws-security-hub-best-practices/
https://aws.amazon.com/blogs/security/automated-response-and-remediation-with-aws-security-hub/
https://security-hub-workshop.awssecworkshops.com/
https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html
Page 15: AWS Security Hub · AWS Certificate Manager A W S C o n tr o l T o w e r A W S S e rv ic e C a ta lo g A W S W e ll-A rc h ite c te d T o o l A W S T r u s te d A d v is o r Resource

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Questions

Page 16: AWS Security Hub · AWS Certificate Manager A W S C o n tr o l T o w e r A W S S e rv ic e C a ta lo g A W S W e ll-A rc h ite c te d T o o l A W S T r u s te d A d v is o r Resource

© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

The AWS Security Services Ecosystem

Protect Detect Respond

Automate

Investigate

RecoverIdentify

AWS

Systems Manager

AWS Config

AWS Lambda

Amazon CloudWatch

Amazon

InspectorAmazon

Macie

Amazon

GuardDuty

AWS

Security Hub

AWS IoT Device

Defender

KMSIAM

AWS Single

Sign-On

Snapshot ArchiveAWS

CloudTrailAmazon

CloudWatch

Amazon VPC

AWS WAF

AWS Shield

AWS Secrets

Manager

AWS Firewall Manager

AWS

Organizations

Personal

Health Dashboard

Amazon Route 53

AWS Direct

Connect

AWS Transit Gateway

Amazon VPC

PrivateLink

AWS Step Functions

Amazon Cloud

Directory

AWS CloudHSM

AWS Certificate Manager

AWS

Control Tower

AWS

Service Catalog

AWS Well-

Architected Tool

AWS

Trusted Advisor

Resource Access

manager

AWS Directory Service

AmazonCognito

Amazon S3

Glacier

AWS

Security Hub

AWS

Systems Manager


N e w t o n’ s L a w s

w w w . b c n h o u s t o n . c o mbcnhouston.com/wp-content/uploads/2020/02/Word-wine-list...2020/02/04  · w w w . b c n h o u s t o n . c o m W I N E S B Y T H E G L A S S S P

W O R K S H E E T S - İngilizce Bankası · Web viewW O R K S H E E T S W O R K S H E E T S W O R K S H E E T S W O R K S H E E T S W O R K S H E E T S C O N T E N T S WORKSHEET

w w w. s p o r

S W IS S F A M ILY R O B IN S O Nscreenplaysandscripts.com/script_files/S/Swiss_Family...S W IS S F A M ILY R O B IN S O N r e w r i t e b y J o n a t h a n M o s t o w & S a m M o

w w w . D o n n a B a s s i n . c o m DONNA BASSIN

W O R K S H E E T S · Web viewW O R K S H E E T S W O R K S H E E T S W O R K S H E E T S W O R K S H E E T S W O R K S H E E T S C O N T E N T S WORKSHEET 1 : Subject Pronouns and

W W C a U G O S

W i n d o w s 8

Adela-Damosso Texto Edicion - Ágora Marianista · W } o } u } } > > , ] } ] Ç o s ] ] ] v } ] P ] v o W W } o } u } } U o U o ^ } ] o s ] X

w w w . s i r o . c c - HORST

W W W . A D E R I T O S I M O E S . C O M . B R

11 P S Canada W O W

W H O+ I S+ W H O

Welcome to... w w w. w i I l s o n g r o u p s. c o m Willsons Business Opportunities w w w. w i I l s o n b u s i n e s s. c o m

s i s a g c o m w n p m a g c o m w 2010! - SNIPS Magazine...a g. c o m w w w. s n i p s m a g. c o m w w w. s n i p s m a g. c o m New for 2010! † Green Product Guide ... † Previews

w w w . e s o l b i z . c o m w w w . e s o l b i z . c o m

w È s w : T æ O o § q ` o w @ Ç w ! Ö t b Ð * Z2019/04/24  · æ J ² W ® . Ç 8 w º 0 s = ~ F î Ð * Z ¯ R D å ¬ ù þ O y . Ç Z q . w È s w : T æ O o q ` o w @

w w w . s e l e c t - h y d r o f o i l s . c o m

r o B e r t s e s s i o n s W o o d W o r t h o B e r t s e s s i o n s W o o d W o r t h ... berger3 has written a sympathetic biographical memoir that ... 1 "Robert S. Woodworth,"

S Ł O W O W S T Ę P N E

s o c n e w s

S Z K O Ł A P O D S T A W O W A W K O W A L O W E J 58-350 Mieroszów ul. Wałbrzyska 38

13080B COLOR PLAN-COL01 - nh.gov · from aer shoreland ial photo lines w s o w s o w s o w s o w s o w s o w s o w s o w s o w s w s o s o w s o w s o w s o w s o w s o w s o w s

W I N D O W S

B O A T S H O W S L I D E S H O W

s&^dZ ~ u } hE/s Z^/dz W W s > Dh / > ] } ( v ] o ] P ] o

W W W Wollumbin StreetNullum Street Brisbane Street Attach 1 [EO-CM] Knox Park...e/oe/oe/oe/o e/o e/o e/o e/o e/o e/o e/o e/o e/o e/o sw s s s s s s s s s s sw sw sw sw sw sw sw sw

w w w . s w s o f t . c o m

KA-01 · SUPER s A H s s W u E W B k x N z o B k N p E N W c k k k N N o W N o u B W s E J A N k W E u E A N E o o S N o c W W u W B x W S B W o N O N

BONHOMIE STORIES w w w . b o n h o m i e s t o r i e s . c o m

w w w . b c n h o u s t o n . c o m · 2013Bodegas Matarromera,Crianza, D.O. Ribera del Duero 22 Tempranillo . w w w . b c n h o u s t o n . c o m . w w w . b c n h o u s t o n

W I N D O W S & D O O R S

S W O O P History

ENJOY! B I ONG S O NG - Out of the Ark Music · 1. 5 0 S O N G S, A W H O L E W O R L D A W W H O L E W O R L D 1 5 0 S O N G S A H. O L E W ORL D 1 5. 0 S O N G S - F. P O SI B I