Amazon Security Hub

AWS Security Hub is a cloud security posture management service that provides a comprehensive view of your security state across AWS accounts. It aggregates, organizes, and prioritizes security findings from multiple AWS services and third-party tools, enabling centralized security monitoring, compliance checking, and automated remediation workflows.

1 APIs · 1 Capabilities · 8 Features
AWS, Compliance, Monitoring, Security

APIs

AWS Security Hub API

The AWS Security Hub API provides programmatic access to manage centralized security findings across your AWS environment. It enables developers to import and manage security fi...

Capabilities

Amazon Security Hub Cloud Security Posture

Unified capability for cloud security posture management including findings aggregation, compliance standards monitoring, and security insights. Used by Cloud Security Engineers...

Features

Multi-Account Findings Aggregation

Aggregate security findings from across multiple AWS accounts and regions into a single pane of glass.

AWS Security Finding Format (ASFF)

Standardized JSON format for all security findings enabling consistent analysis and automation.

Built-in Compliance Standards

Automated compliance checks against CIS AWS Foundations, PCI DSS, NIST, SOC 2, and AWS Foundational Security Best Practices.

Third-Party Integrations

Ingest findings from 80+ third-party security partners including CrowdStrike, Palo Alto Networks, and Splunk.

Automated Remediation

Trigger automated remediation via Amazon EventBridge and AWS Security Hub automated response and remediation.

Security Insights

Correlated views of security findings to highlight areas needing attention.

Custom Actions

Create custom actions to send findings to ticketing, chat, and SOAR platforms.

Cross-Region Aggregation

Aggregate findings across multiple AWS regions into a designated aggregation region.

Use Cases

Cloud Security Posture Management

Continuously monitor your AWS environment for security misconfigurations and compliance gaps.

Compliance Reporting

Automate compliance checks and generate reports for CIS, PCI DSS, NIST, and other frameworks.

Multi-Account Security Operations

Centralize security monitoring across dozens or hundreds of AWS accounts in an organization.

Threat Detection Aggregation

Aggregate findings from GuardDuty, Inspector, Macie, and third-party tools in one place.

Automated Incident Response

Trigger automated remediation workflows when critical findings are detected.

Security Tool Consolidation

Replace multiple point solutions with centralized finding aggregation and normalized data.

Integrations

Amazon GuardDuty

Native integration to ingest GuardDuty threat detection findings.

Amazon Inspector

Aggregate Inspector vulnerability assessment findings.

Amazon Macie

Ingest Macie sensitive data discovery findings.

AWS Config

Integration with Config rules for configuration compliance findings.

Amazon EventBridge

Trigger automated remediation and notification workflows based on findings.

AWS Lambda

Execute custom remediation actions in response to security findings.

AWS Organizations

Enable Security Hub across all accounts in an AWS Organization.

CrowdStrike

Third-party integration for endpoint detection and response findings.

Splunk

Export Security Hub findings to Splunk SIEM for advanced analysis.

Palo Alto Networks

Ingest Prisma Cloud and other Palo Alto findings via Security Hub integration.

Semantic Vocabularies

Amazon Security Hub Context

1 classes · 15 properties

JSON-LD

API Governance Rules

Amazon Security Hub API Rules

18 rules · 8 errors 8 warnings 2 info

SPECTRAL

Resources

Portal
GettingStarted
Documentation
APIReference
Console
SignUp
Pricing
FAQ
Blog
StatusPage
Support
TermsOfService
PrivacyPolicy
Compliance
GitHubOrganization
YouTube
StackOverflow
KnowledgeCenter
SpectralRules
Vocabulary
NaftikoCapability
JSON-LD
JSONStructure
Example
NaftikoCapability