Chapter 7: Infrastructure Security Automation Using Security Hub and Systems Manager
In this chapter, we will explore AWS Security Hub, which is one of the security services of AWS. We will learn how to implement solutions with the integration of Security Hub and various other AWS services to achieve security automation. We will implement three solutions. The first will be related to Elastic Container Registry (ECR) compliance and how we can ensure that a non-compliant image does not run in an Elastic Container Service for Kubernetes (EKS) cluster. The second solution will be importing an AWS Config rules evaluation as a finding in Security Hub using Lambda and AWS EventBridge rule. The third solution will be about the auto-creation of an incident in Incident Manager when there is a critical finding in Security Hub, and remediation using an OpsCenter runbook. Knowing how to use Security Hub will also help in the next chapter, where we will import Static Application Security Testing...
