|
AWS Security Hub has been a central place for you to display and aggregate security alerts and compliance status across Amazon Web Services (AWS). Today we announce the release of the preview of the new AWS Security Center, which offer correlation, contextualization and visualization capabilities. This will help you prefer critical security, respond to risk reduction, improve team productivity and better protect your cloud.
Here’s a quick view of the new AWS security center.
With this new enhancement, the SECURITY HUS AWS Security Security, such as Amazon Guardduty, Amazon Inspector, AWS Security Hub Cloud Security Management (CSPM), Amazon Macie and other AWS security capabilities, will help you gain visibility in the cloud centralized management in the cloud security solution.
We start with the new AWS security center
Let me go through how to start with the AWS security center.
If you have a new customer to the AWS Security Hub, you have to go to the AWS Security Hub Console to allow AWS safety and capacity to start the risk throughout the organization. You can learn more about the documentation page.
After you have the AWS security center, it automatically consumes data from the support of security capacities that you have allowed, such as Amazon Guardduts, Amazon Inspector, Amazon Macie and AWS Security Hub CSPM. You can switch to the SECURITY HUS AWS and display these findings and benefit from the knowledge of the correlations of findings across these abilities.
Since the security risks are revealed, they are represented in the summary of the Summary Safety Node. The new Summary dashboard provides understanding, a unified view of your AWS safety holding. The control panel organized security findings in different categories, which makes risks to identify and prioritize.
New Summary exposure The widget will help you identify and prefer safety exhibitions by analyzing the relationships and signals of sources by Amazon Inspector, AWS Security Hub CSPM and Amazon Macie. These exposure findings are automatically generated and are a key part of the new solution, emphasizing where your critical security exhibitions are located. You can learn more about the exhibition on the documentation page.
AWS Security Hub now provides a Security Widget designed to help you identify potential gaps in coverage. You can use this widget to identify, where you lack the coverage of safety capacity, that force security. This visibility will help you identify this ability, accounts and features that you need to solve to improve your safety coverage.
As you can see the navigation menu, the AWS Security Hub is arranged in five key areas to streamline security management:
- Exhibition: Provides visibility in all exposure findings, security vulnerability, or incorrect configuration that could potentially expose AWS or unauthorized access or compromise system, generated by a security center to help you identify sources from which they could access them.
- Threat: All findings of threats generated by Guardduty Conseolides, showing potential harmful activities and attempts to enter
- Vulnerability: Displays all vulnerability detected by Amazon inspector, emphasizes software deficiencies and configuration problems
- Proceedings: Displays all posture management findings from AWS Security Hub Cloud Security Management (CSPM), which helps adherence to proven security procedures
- Sensitive data: It represents all sensitive data findings identified by Amazon Macie to help you monitor and protect your sensitive information
When you navigate Exhibition Page, you will see the Groupd finding by the name, with the levels of severity clearly indicate that it will first help you focus on critical problems.
If you want to explore specific exhibits, you can select any finding to see the affected resources. The panel contains key information about the implicated source, account, region, and when the outlet has been detected.
In this panel you will also find a visualization of an attack that is particularly useful for understanding complex security relationships. For network exposure paths you can see all components involved in the way – including virtual private clouds (VPC), subnets, security groups, network access control lists and load balancers – and stretch you where you identify exactly where to implement security controls. Visualization also emphasizes the relationships for identity and access management (IAM), which shows how the authorization could allow escalation of privileges or access to data. Sources with more contributing features are clearly marked, so you can quickly find out which components replace the greatest risk.
Tea Threat Dashboard provides special information on potential harmful activities of determined Amazon Guardduta and organizes severity findings, so you can quickly critical critical problems such as unusual API calls, suspicious network traffic or potential compromises. On the dashboard included the detection of threat detection, all “critical” severity threatened three widespread threat detection that requires immediate attention.
Similarly Vulnerability Dashboard from Amazon Inspector provides an understanding of the view of the software injury and the risks of network exposure. The control panel emphasizes injuries with familiar exploitation, updates requiring packages and resources with the highest number of injured.
Another valuable new feature is Resources View that provides an inventory of all sources deployed in your organization, which is covered by the AWS Security Center. You can use this view to quickly identify which resources have against them and filter according to the type of source or find severity. Selection of any resource providers detailed configuration information without having to turn to other brackets and streaming of the investigation process.
The new security center also offers integration skills to help you fully monitor your cloud round and connect with third -party security solutions. This gives you flexibility to create a uniform security solution adapted to the specific needs of your organization.
For example, with the possibility of integrating when viewing a safety finding, you can select Create a ticket Option and choose the preferred integration of tickets.
Other things to know
Here are a few things that you can note:
- Availability – During this period of preview, the new AWS security center is available in the following AWS regions: Us East (N. Virginia, Ohio), US West (N. Kalifornia, Oregon), Africa (Cape Town), Asia Pacific (Hong Kong, Jakarta, Mumbai, Osaka, Sydney, Sydney, Tokyo) (Bahrajn) and South America Paulo).
- Prices – The new AWS Security Center is available without further fee during the preview period. However, the costs of integrated abilities are still curious, are Amazon Guardduty, Amazon Inspector, Amazon Macie and AWS Security Hub CSPM.
- Integration with existing AWS safety capacities – Integrats Safety Centers with Amazon Guardduty, Amazon Inspector, AWS Security Hub CSPM and Amazon Macie, which provide security understanding without further surgical directories.
- Improved data interoperability – The new security center uses Open Cybersecurity Schema Framework (OCSF), allowing trouble -free data exchange across your security capacity with normalized data formats.
If you want to learn more about the Enhanced AWS Security Hub and join the preview, visit the AWS Security Hub.
Happy building!
– Donnie