Summary
In this chapter, we learned about the NIST Framework and how AWS services are compatible with the NIST Framework core functions. We learned about how AWS Security Hub helps us with security compliance and prioritizing alerts. Then, we implemented three solutions in which we denied the execution of a non-compliant image on an EKS cluster and imported an AWS Config evaluation to the AWS Security Hub findings console. We also automated incident creation in Incident Manager whenever there were CRITICAL findings in AWS Security Hub. This chapter helped us get familiar with Security Hub and Systems Manager. In the next chapter, we will be ingesting SAST and DAST findings in Security Hub and deciding on the stages of the DevSecOps pipeline.
Integrating AWS Systems Manager with Security Hub to detect issues, create an incident, and remediate automatically
Integrating AWS Systems Manager with Security Hub to detect issues, create an incident, and remediate automatically...
