AWS Security Hub
-
Upload
others
-
View
7
-
Download
0
Embed Size (px)
Citation preview
PowerPoint Presentation© 2018, Amazon Web Services, Inc. or its
Affiliates. All rights reserved. © 2018, Amazon Web Services, Inc.
or its Affiliates. All rights reserved.
Ely Kahn
AWS Security Hub Service Overview
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights
reserved.
Speaker Bio – Ely Kahn
• Co-founder of Sqrrl (acquired by AWS in January 2018)
• Former Director of Cybersecurity at the White House
• Former Deputy Chief of Staff for the Cybersecurity and
Infrastructure Security Agency at the Dept. of Homeland
Security
• Harvard BA, Wharton MBA
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights
reserved.
Agenda
Wrap-up and Next Steps
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights
reserved.
Service Overview
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights
reserved.
AWS security overview
Invest igate
Automate Amazon
Macie
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights
reserved.
Problem statement
need to priorit ize
dif ferent data
across security
4
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights
reserved.
AWS Security Hub overview
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights
reserved.
Rollout plans and pricing
AWS Security Hub is available today as a public preview
service
• Available at no additional cost except for AWS Config costs for
new AWS Config users
• Open to everyone
• Get started in a few clicks
• Goal is to iterate on latest features with customers before
releasing as generally available (GA)
Full API/CLI/SDK support
Supported Regions (15)
• Asia Pacific (Mumbai) • Asia Pacific (Seoul) • Asia Pacific
(Singapore) • Asia Pacific (Sydney) • Asia Pacific (Tokyo) • Canada
(Central) • EU (Frankfurt • EU (Ireland) • EU (London) • EU (Paris)
• South America (Sao Paulo) • US East (N. Virginia) • US East
(Ohio) • US West (N. California) • US West (Oregon)
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights
reserved.
Customers and Partners
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights
reserved.
Some of our current users
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights
reserved.
Partner integrations
Firewalls
Vulnerability
SOAR
SIEM
Endpoint
Compliance
MSSP
Other
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights
reserved.
Partner integration examples — CrowdStrike
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights
reserved.
Partner integration examples — Alert Logic
Customer Environment
Processing and Analyt ics
1. Inspected data is t ransported to Alert Logic’s Data
Ingest ion, Processing and Analyt ics Plat form
2. Alert Logic’s THREAT DETECTION AND RESPONSE
capability analyzes the data and ident if ies INCIDENTS
3. An internal service (dedicated to AWS Security Hub) assesses the
INCIDENT for potent ial post ing to AWS
Security Hub
4. The INCIDENT is then posted to the respect ive
customer’s AWS Security Hub Console as a FINDING
1
2
3
4
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights
reserved.
Partner integration examples — Armor
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights
reserved.
Partner integration examples — Cloud Custodian
Details and directions at:
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights
reserved.
Features
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights
reserved.
A few clicks to enable Security Hub
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights
reserved.
Simple multi-account setup
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights
reserved.
AWS Security Finding Format
• Effects
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights
reserved.
Automated compliance checks
43 fully automated, nearly continuous checks
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights
reserved.
Insights help identify resources that require attention
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights
reserved.
Customizable response and remediation actions
Event (event-
based)
Rule
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights
reserved.
Demo
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights
reserved.
Key takeaways
Collect and process security findings from mult iple accounts
within a region
Evaluate your compliance against regulatory and best practice
frameworks
Identify and priorit ize the most important issues by grouping and
correlating
security findings with Insights
Understand and manage your overall AWS security and compliance
posture
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights
reserved.
Next steps