All news with #aws security hub tag

AWS Strengthens Cybersecurity and Resilience in the EU

🔒 AWS reiterates its commitment to raising cybersecurity standards across the European Union, positioning security as a core responsibility across its global operations. The post explains how AWS supports customers in meeting the NIS 2 Directive (EU 2022/2555) and related Implementing Regulation (EU 2024/2690) through services, audited controls, and guidance. It highlights certifications, regional accreditations, and tools—such as AWS Security Hub, AWS Config, and AWS CloudTrail—that help entities meet governance, incident reporting, and resilience obligations. The blog also describes AWS collaboration with national authorities and programs that provide templates, training, and operational engagement to improve readiness and compliance.

AWS Security Hub Adds Near Real-Time Risk Analytics

🔒 AWS announces general availability of AWS Security Hub, adding near real-time risk analytics, advanced trends, unified enablement, and streamlined pricing across AWS security services. Security Hub correlates and enriches signals from Amazon GuardDuty, Amazon Inspector, and AWS Security Hub CSPM to surface and prioritize active risks. Centralized deployment across AWS Organizations, attack-path visualization, and automated workflows reduce manual correlation and speed remediation at scale.

Automated AWS Integration: CrowdStrike Falcon Next-Gen SIEM

🛡️ AWS and CrowdStrike have launched an automated integration experience for CrowdStrike Falcon Next-Gen SIEM in AWS Marketplace that streamlines cloud-native security monitoring. The guided wizard automates connector configuration and provisions least-privilege IAM roles, Amazon SQS queues, EventBridge rules, and SNS topics. Security teams can quickly enable agentic AI-assisted investigation, advanced correlation, and automated response across their AWS Organization, and subscribe via new pay-as-you-go pricing.

AWS Security Hub CSPM Adds CIS AWS Foundations v5.0

🛡️ AWS Security Hub CSPM now supports the CIS AWS Foundations Benchmark v5.0, introducing 40 automated configuration checks aligned to the industry standard. The new standard is available in all Regions where Security Hub CSPM operates, including AWS GovCloud (US) and the China Regions. AWS recommends using Security Hub CSPM central configuration to enable the standard across selected accounts and Regions with a single action. Customers can subscribe to the CSPM SNS topic for updates and try Security Hub free for 30 days.

Planning and Running an AWS Security Hub POC Guide

🔒 This post explains how to plan and implement an AWS Security Hub proof of concept (POC) to evaluate unified cloud security operations. It outlines steps to define success criteria, configure integrations with GuardDuty, Amazon Inspector, Macie, and Security Hub CSPM, and to prepare, enable, and validate the deployment. The guidance recommends using overlapping trial periods, adopting the OCSF standard for normalized findings, and leveraging automation and ticketing integrations to measure operational impact.

Optimize Security Operations with AWS Incident Response

🔒 AWS Security Incident Response provides an AWS-native incident management capability that combines automated triage, threat intelligence, and customer metadata to surface and prioritize genuine threats. The service integrates with Amazon GuardDuty, AWS Security Hub, and select third-party detections, and offers a unified console with 24/7 access to the AWS Customer Incident Response Team (CIRT). It supports delegated administration, organization-wide coverage, and immutable case timelines. Included with Amazon Managed Services (AMS), it accelerates investigation and containment to reduce mean time to resolution.

Defense-in-Depth: Building an AWS Control Framework

🔒 This post outlines a practical, layered approach to reduce risk in AWS by moving beyond detective-only controls to a comprehensive defense‑in‑depth control framework. It recommends combining preventative, proactive, detective, and responsive controls across the resource lifecycle and illustrates how AWS services such as AWS Control Tower, AWS Organizations, Security Hub, and AWS Config enable that strategy. The guidance covers concrete patterns—from SCPs, RCPs and policy‑as‑code in CI/CD to automated remediation via Lambda and Systems Manager—to scale governance, reduce findings, and shorten remediation time.

AWS releases SRA Verify: Open-source SRA assessment

🔍 SRA Verify is an open-source assessment tool from AWS that automates validation of an organization’s alignment to the AWS Security Reference Architecture (AWS SRA). It runs automated checks across multiple services to verify configurations and highlight deviations from recommended patterns. The tool links checks to remediation guidance and IaC examples to help teams implement fixes more quickly. It currently covers CloudTrail, GuardDuty, IAM Access Analyzer, Config, Security Hub, S3, Inspector, and Macie, with plans to expand.