Introduction to AWS Security Hub
AWS Security Hub is a cloud security service that performs security best practice checks, aggregates all the security findings, and enables automated remediation. Before we dig deep into AWS Security Hub, let's understand the overall AWS cloud security strategy (shown in the following diagram), which is based on the National Institute of Standards and Technology (NIST) Cybersecurity Framework.
Figure 7.1 – AWS services aligned with the NIST Framework
There are five main core functions of the NIST Framework:
- Identify: This is all about identifying the key assets and resources in your AWS account. AWS has services such as AWS Systems Manager and AWS Config to help you understand what your resources are and how they are deployed within your AWS environment. You can't protect your resources until you properly identify them.
- Protect: This is about building a hard outer shell around your data, applications...
