Amazon Security Hub website screenshot

Amazon Security Hub

AWS Security Hub is a cloud security posture management service that provides a comprehensive view of your security state across AWS accounts. It aggregates, organizes, and prioritizes security findings from multiple AWS services and third-party tools, enabling centralized security monitoring, compliance checking, and automated remediation workflows.

1 APIs 8 Features
ComplianceMonitoringSecurity

APIs

AWS Security Hub API

The AWS Security Hub API provides programmatic access to manage centralized security findings across your AWS environment. It enables developers to import and manage security fi...

Collections

Arazzo Workflows

Amazon Security Hub Bootstrap Posture Baseline

Enable Security Hub, confirm its standards, and capture an initial findings baseline.

ARAZZO

Amazon Security Hub Enable Hub and Review Standards

Enable Security Hub for the account and review which security standards are now available.

ARAZZO

Amazon Security Hub Onboard Product Integration

Enable a partner product integration and verify its findings flow into Security Hub.

ARAZZO

Amazon Security Hub Review Insight Findings

List a saved insight and drill into the findings behind it.

ARAZZO

Amazon Security Hub Standards Compliance Audit

List the enabled security standards and pull the failing compliance findings behind them.

ARAZZO

Amazon Security Hub Triage and Update Findings

Retrieve high-severity findings and update them by re-importing the modified records.

ARAZZO

Pricing Plans

Rate Limits

Amazon Security Hub Rate Limits

5 limits

RATE LIMITS

FinOps

Features

Multi-Account Findings Aggregation

Aggregate security findings from across multiple AWS accounts and regions into a single pane of glass.

AWS Security Finding Format (ASFF)

Standardized JSON format for all security findings enabling consistent analysis and automation.

Built-in Compliance Standards

Automated compliance checks against CIS AWS Foundations, PCI DSS, NIST, SOC 2, and AWS Foundational Security Best Practices.

Third-Party Integrations

Ingest findings from 80+ third-party security partners including CrowdStrike, Palo Alto Networks, and Splunk.

Automated Remediation

Trigger automated remediation via Amazon EventBridge and AWS Security Hub automated response and remediation.

Security Insights

Correlated views of security findings to highlight areas needing attention.

Custom Actions

Create custom actions to send findings to ticketing, chat, and SOAR platforms.

Cross-Region Aggregation

Aggregate findings across multiple AWS regions into a designated aggregation region.

Use Cases

Cloud Security Posture Management

Continuously monitor your AWS environment for security misconfigurations and compliance gaps.

Compliance Reporting

Automate compliance checks and generate reports for CIS, PCI DSS, NIST, and other frameworks.

Multi-Account Security Operations

Centralize security monitoring across dozens or hundreds of AWS accounts in an organization.

Threat Detection Aggregation

Aggregate findings from GuardDuty, Inspector, Macie, and third-party tools in one place.

Automated Incident Response

Trigger automated remediation workflows when critical findings are detected.

Security Tool Consolidation

Replace multiple point solutions with centralized finding aggregation and normalized data.

Semantic Vocabularies

Amazon Security Hub Context

1 classes · 15 properties

JSON-LD

API Governance Rules

Amazon Security Hub API Rules

18 rules · 8 errors 8 warnings 2 info

SPECTRAL

JSON Structure

Amazon Security Hub Finding Structure

15 properties

JSON STRUCTURE

Example Payloads

Resources

🔗
PostmanWorkspace
PostmanWorkspace
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🔗
Arazzo
Arazzo
🌐
Portal
Portal
🚀
GettingStarted
GettingStarted
🔗
Documentation
Documentation
🔗
APIReference
APIReference
🌐
Console
Console
📝
Signup
Signup
💰
Pricing
Pricing
💬
FAQ
FAQ
📰
Blog
Blog
🟢
StatusPage
StatusPage
💬
Support
Support
📜
TermsOfService
TermsOfService
📜
PrivacyPolicy
PrivacyPolicy
🔗
Compliance
Compliance
👥
GitHubOrganization
GitHubOrganization
👥
YouTube
YouTube
👥
StackOverflow
StackOverflow
🔗
KnowledgeCenter
KnowledgeCenter
🔗
SpectralRules
SpectralRules
🔗
Vocabulary
Vocabulary
🔗
JSONLD
JSONLD
🔗
JSONStructure
JSONStructure
💻
Examples
Examples

Sources

Raw ↑
opencollection: 1.0.0
info:
  name: Amazon Security Hub
  version: '2018-10-26'
items:
- info:
    name: Administration
    type: folder
  items:
  - info:
      name: Amazon Security Hub Enable Security Hub
      type: http
    http:
      method: POST
      url: https://securityhub.amazonaws.com/accounts
      body:
        type: json
        data: '{}'
    docs: Enables Security Hub for your account in the current Region or the Region you specify in the request.
- info:
    name: Findings
    type: folder
  items:
  - info:
      name: Amazon Security Hub Get Findings
      type: http
    http:
      method: POST
      url: https://securityhub.amazonaws.com/findings
      body:
        type: json
        data: '{}'
    docs: Returns a list of findings that match the specified criteria, with filtering, sorting, and pagination support.
  - info:
      name: Amazon Security Hub Batch Import Findings
      type: http
    http:
      method: POST
      url: https://securityhub.amazonaws.com/findings/import
      body:
        type: json
        data: '{}'
    docs: Imports security findings generated from an integrated third-party product into Security Hub.
- info:
    name: Insights
    type: folder
  items:
  - info:
      name: Amazon Security Hub Get Insights
      type: http
    http:
      method: POST
      url: https://securityhub.amazonaws.com/insights
      body:
        type: json
        data: '{}'
    docs: Lists and describes insights for the specified insight ARNs or returns all insights.
- info:
    name: Integrations
    type: folder
  items:
  - info:
      name: Amazon Security Hub Enable Import Findings for Product
      type: http
    http:
      method: POST
      url: https://securityhub.amazonaws.com/productSubscriptions
      body:
        type: json
        data: '{}'
    docs: Enables the integration of a partner product with Security Hub, allowing import of findings from that product.
- info:
    name: Standards
    type: folder
  items:
  - info:
      name: Amazon Security Hub Describe Standards
      type: http
    http:
      method: GET
      url: https://securityhub.amazonaws.com/standards
      params:
      - name: NextToken
        value: ''
        type: query
      - name: MaxResults
        value: ''
        type: query
    docs: Returns a list of the available security standards, including the name, description, and subscription status.
bundled: true