Posted On: Jul 6, 2022
AWS Security Hub has released 36 new controls for its Foundational Security Best Practice standard (FSBP) to enhance your Cloud Security Posture Management (CSPM). These controls conduct fully-automatic checks against security best practices for AWS Auto Scaling, AWS CloudFormation, HAQM CloudFront, HAQM Elastic Compute Cloud (EC2), HAQM Elastic Container Registry (ECR), HAQM Elastic Container Service (ECS), HAQM Elastic File System (EFS), HAQM Elastic Kubernetes Service (EKS), Elastic Load Balancing (ELB), HAQM Kinesis, AWS Network Firewall, HAQM OpenSearch Service, HAQM Redshift, HAQM Simple Storage Service (S3), HAQM Simple Notification Service (SNS), and AWS WAF. If you have Security Hub set to automatically enable new controls and are already using AWS Foundational Security Best Practices, these controls are enabled for you by default. Security Hub now supports 223 security controls to automatically check your security posture in AWS.
The 36 FSBP controls that we launched are listed in our documentation.
Available globally, AWS Security Hub gives you a comprehensive view of your security posture across your AWS accounts. With Security Hub, you now have a single place that aggregates, organizes, and prioritizes your security alerts, or findings, from multiple AWS services, such as HAQM GuardDuty, HAQM Inspector, HAQM Macie, AWS Firewall Manager, and AWS IAM Access Analyzer, as well as from over 65 AWS Partner Network (APN) solutions. You can also continuously monitor your environment using automated security checks based on standards, such as AWS Foundational Security Best Practices, the CIS AWS Foundations Benchmark, and the Payment Card Industry Data Security Standard. You can also take action on these findings by investigating findings in HAQM Detective and by using HAQM CloudWatch Event rules to send the findings to ticketing, chat, Security Information and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), and incident management tools or custom remediation playbooks.
You can enable your 30-day free trial of AWS Security Hub with a single-click in the AWS Management console. Please see the AWS Regions page for all the regions where AWS Security Hub is available. To learn more about AWS Security Hub capabilities, see the AWS Security Hub documentation, and to start your 30-day free trial see the AWS Security Hub free trial page.