How can I check Firewall Manager security group policy findings using Security Hub?

2 minute read

I want to know how I can check my AWS Firewall Manager security group policy findings using AWS Security Hub.

Short description

Firewall Manager creates findings for resources that are out of compliance for detected attacks and then sends the findings to Security Hub. Firewall Manager is integrated with Security Hub to receive security group policy findings including:

Note: If you’re already using Firewall Manager, Security Hub automatically enables this integration. You don’t need to take any additional action to begin to receive findings from Firewall Manager.

Resolution

To view Firewall Manager security group finding types in Security Hub, follow these steps:

Filtering with findings

Open the Security Hub console in the same Region where the security group policy was created.
From the navigation pane, choose Findings.
Choose Add filter. The filter menu opens.
From the filter dropdown menu, choose Product name.
Under Product name, choose the operator dropdown menu, and choose is.
Enter the value as Firewall Manager, and then choose Apply. Note: Search values are case sensitive.

Filtering with integrations

Open the Security Hub console in the same Region where the security group policy was created.
From the navigation pane, choose Integrations.
In the Integrations search pane, enter Firewall Manager. If you are already using Firewall Manager, the Status of this integration should display Accepting findings. Note: Search values are case sensitive.
Choose See findings.

(Optional) Disabling integration

If you want to disable the integration of Firewall Manager findings with Security Hub, follow these steps:

Open the Security Hub console.
From the navigation pane, choose Integrations.
In the Integrations search pane, enter Firewall Manager.
Choose Stop accepting findings, accept the I want to stop accepting findings agreement, and then choose Stop accepting findings.

For more information, see Firewall Manager findings and Security Hub findings.

Related information

How can I use Security Hub to monitor security issues for my AWS environment?

How do I set up AWS Firewall Manager for my AWS account?

Topics

Security, Identity, & Compliance

Relevant content

AWS Security Hub: Sending Findings to S3 for Athena
rePost-User-3083389
asked a year ago
Security Hub Findings with Organizations
Accepted Answer
rePost-User-8961486
asked 7 months ago
How Can I Satisfy KMS.1 in Security Hub Findings
rePost-User-8961486
asked 3 months ago
Anomaly in AWS Security Hub Findings
Accepted Answer
rePost-User-7669034
asked a year ago
Need Some Guidance for listing Security hub findings for "Compliance: Passed" Status
Accepted Answer
RGADA
asked 2 years ago
How can I use Security Hub to monitor security issues for my AWS environment?
AWS OFFICIALUpdated 2 years ago
How can I find the resources associated with an Amazon EC2 security group?
AWS OFFICIALUpdated a year ago
How can I use custom policy rules with my Firewall Manager content audit security group policy?
AWS OFFICIALUpdated a year ago
How can I aggregate my Security Hub findings and security scores from multiple AWS Regions?
AWS OFFICIALUpdated 2 years ago
Announcing 4 new widgets on AWS Console Home - Security Hub, Ops summary, Patch compliance, and Managed instances
EXPERT
Grace Kitzmiller
published a year ago