AWS Security Blog

Tag: SIEM

Sample solution architecture diagram

How to generate security findings to help your security team with incident response simulations

April 8, 2024: We have updated the post to revise the CloudFormation launch stack link to provision the CloudFormation template. Continually reviewing your organization’s incident response capabilities can be challenging without a mechanism to create security findings with actual Amazon Web Services (AWS) resources within your AWS estate. As prescribed within the AWS Security Incident […]

Figure 9: Security Hub findings flow

Three recurring Security Hub usage patterns and how to deploy them

As Amazon Web Services (AWS) Security Solutions Architects, we get to talk to customers of all sizes and industries about how they want to improve their security posture and get visibility into their AWS resources. This blog post identifies the top three most commonly used Security Hub usage patterns and describes how you can use […]

Figure 1: SIEM implementation on Amazon OpenSearch Service

How to use AWS Security Hub and Amazon OpenSearch Service for SIEM

April 25, 2023: We’ve updated this blog post to include more security learning resources. AWS Security Hub provides you with a consolidated view of your security posture in Amazon Web Services (AWS) and helps you check your environment against security standards and current AWS security recommendations. Although Security Hub has some similarities to security information […]

Visualizing Amazon GuardDuty findings

September 9, 2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. See details. Amazon GuardDuty is a managed threat detection service that continuously monitors for malicious or unauthorized behavior to help protect your AWS accounts and workloads. Enable GuardDuty and it begins monitoring for: anomalous API activity; potentially unauthorized deployments and compromised instances […]