This course explores AWS Security Hub, starting with a high-level overview of AWS security. We are then going to highlight some of the services that sit in the AWS security space concluding with AWS Security Hub and some sample security result findings obtained using the AWS Console.
Learning Objectives
- Learn how AWS Security Hub helps you automate security checks, manage security issues, and identify the highest priority security findings in your AWS implementation
- Understand AWS security services including Amazon Inspector, Macie, and Guard Duty
- Learn how to check your environments and systems against security industry standards and best practices
Intended Audience
This course is intended for architects, developers, and system operators looking for a unified, scalable way to secure AWS accounts and resources.
Prerequisites
To get the most out of this course, you should meet the requirements for the AWS Cloud Practitioner certification and preferably one of the AWS associate-level certifications.
With AWS Security Hub enabled, Amazon GuardDuty, Amazon Inspector and Amazon Macie findings are automatically sent to Security Hub as the single point of access and remediation for security issues. On the first item, we notice that Security Hub uses AWS Config rules to perform most of its security checks for controls. On the second item, we notice AWS Security Hub automatically runs continuous, account-level configuration and security checks based on AWS best practices and industry standards.
On the third item we note, AWS Security Hub supports integration with Amazon EventBridge to automatically send notifications and remediation details of security findings. You can use custom actions to send results to a ticketing system or to an automated remediation service.
Now in this next diagram, things are a little more advanced. It's important to note that AWS Security Hub findings can display results from AWS services that include GuardDuty, Inspector, Macie, AWS Firewall, AWS Systems Manager Patch Manager and AWS Identity and Access Management Access Analyzer among many others. There's a total of over a dozen services that AWS Security Hub is able to integrate into a single point of viewing for security findings. I have no doubt, the list will continue to grow as time goes by.
For now, it's important, especially for beginners, to have a sense of the benefit delivered by the individual services that AWS Security Hub aggregates. Let's briefly discuss the first three services that integrated with security hub. They are Amazon Inspector, Amazon GuardDuty and Amazon Macie. We're going to keep things simple, so please don't worry. We'll discuss the main benefits and take a look at some sample findings from screens for each of them. We'll return to our discussion of AWS Security Hub shortly after.
Experienced in architecture and delivery of cloud-based solutions, the development, and delivery of technical training, defining requirements, use cases, and validating architectures for results. Excellent leadership, communication, and presentation skills with attention to details. Hands-on administration/development experience with the ability to mentor and train current & emerging technologies, (Cloud, ML, IoT, Microservices, Big Data & Analytics).