What is AWS Security Hub?
AWS Security Hub provides a comprehensive view of your security state within AWS and your compliance with security industry standards and best practices. It aggregates alerts (findings) from various AWS services and partner products.
Key Concepts
1. Centralized Findings
- Aggregates findings from GuardDuty, Inspector, Macie, IAM Access Analyzer, and Firewall Manager into a single dashboard.
2. Automated Compliance Checks
- Checks your environment against standards like CIS AWS Foundations Benchmark, PCI DSS, and AWS Foundational Security Best Practices.
3. Integrated Response
- Can trigger automated remediation via EventBridge (e.g., isolate a compromised instance).
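The EventBridge hand-off described under Integrated Response, as an added example that is not part of the original notes: a Lambda-style filter that reads a "Security Hub Findings - Imported" event and picks the EC2 instances a remediation step would isolate. The function name, the HIGH/CRITICAL threshold and the sample event (account ID, instance IDs, finding IDs) are assumptions constructed for illustration.

```python
import json

# Constructed sample of the EventBridge event Security Hub emits when findings
# are imported; account ID, instance IDs and finding IDs are made up.
SAMPLE_EVENT = json.loads("""
{"source": "aws.securityhub",
 "detail-type": "Security Hub Findings - Imported",
 "detail": {"findings": [
    {"Id": "constructed-finding-1", "RecordState": "ACTIVE",
     "Severity": {"Label": "HIGH"}, "Workflow": {"Status": "NEW"},
     "Resources": [{"Type": "AwsEc2Instance",
       "Id": "arn:aws:ec2:us-east-1:111122223333:instance/i-0abc1234def567890"}]},
    {"Id": "constructed-finding-2", "RecordState": "ACTIVE",
     "Severity": {"Label": "LOW"}, "Workflow": {"Status": "NEW"},
     "Resources": [{"Type": "AwsEc2Instance",
       "Id": "arn:aws:ec2:us-east-1:111122223333:instance/i-0fedcba9876543210"}]},
    {"Id": "constructed-finding-3", "RecordState": "ACTIVE",
     "Severity": {"Label": "CRITICAL"}, "Workflow": {"Status": "SUPPRESSED"},
     "Resources": [{"Type": "AwsEc2Instance",
       "Id": "arn:aws:ec2:us-east-1:111122223333:instance/i-0123456789abcdef0"}]}
 ]}}
""")

ISOLATE_SEVERITIES = {"HIGH", "CRITICAL"}  # assumed policy threshold


def instances_to_isolate(event):
    """Return (finding_id, instance_id) pairs that warrant isolation."""
    if (event.get("source") != "aws.securityhub" or
            event.get("detail-type") != "Security Hub Findings - Imported"):
        return []
    targets = []
    for finding in event.get("detail", {}).get("findings", []):
        if finding.get("RecordState") != "ACTIVE":
            continue  # archived findings are no longer current
        if finding.get("Workflow", {}).get("Status") != "NEW":
            continue  # already triaged, suppressed or resolved
        if finding.get("Severity", {}).get("Label") not in ISOLATE_SEVERITIES:
            continue  # below the assumed isolation threshold
        for resource in finding.get("Resources", []):
            if resource.get("Type") == "AwsEc2Instance":
                # The resource Id is the instance ARN; keep the trailing i-... part.
                targets.append((finding["Id"], resource["Id"].rsplit("/", 1)[-1]))
    # A remediation step would act on these targets, e.g. by swapping each
    # instance's security groups for a quarantine group.
    return targets
```

Only the first constructed finding qualifies: the second is LOW severity and the third has already been suppressed by an analyst.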
Exam Tips
[!IMPORTANT] "Single pane of glass for security" or "Centralized security dashboard": The answer is AWS Security Hub.
[!NOTE] It aggregates findings; it doesn't generate the raw findings itself (except for the compliance checks).
Common Use Cases
- Compliance Monitoring: Ensuring all accounts meet PCI DSS standards.
- Security Posture Management (CSPM): Viewing the overall security health of an organization.