AWS Control Tower - Security notifications

0

Hi Team.

I have implemented Control Tower, Controls (Guardrails) and Conformance Packs for all accounts. After that, I received many SNS notifications from the audit account email. I understand that I will receive notifications for non-compliance, right? I would like to know how often controls and conformance packs are evaluated, to estimate approximately how many notifications I will receive per day or per hour.

Apart from that, I will implement Security Hub and GuardDuty, so I understand that I will receive SNS audit notifications too?

What score is recommended for Conformance packs and Security Hub in terms of security?

Thank you

1 Answer
1

Hi there, Controls and conformance packs are evaluated continuously and can generate notifications whenever a resource is created, modified or deleted that causes a compliance change. The frequency depends on how dynamic your environment is.

For a stable environment, you may only get a few notifications per month. But during active development or infrastructure changes, it could be hundreds per day.

There is no specific conformance score or target for Security Hub. It's meant to show you compliance trends and areas that need attention. A higher score is better, but the goal is to understand and remediate your risks. Ultimately the score to achieve will be dependent on your own risk appetite and regulations.

I hope that helps

AWS
answered 7 months ago
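Because the volume depends on how often resources change, one way to answer "how many per day" for a given environment is to tally the notifications already received. The following is an added example, not part of the original question or answer: it counts compliance-change messages per day and separates new NON_COMPLIANT transitions from the rest. It assumes the SNS message bodies use the AWS Config `ComplianceChangeNotification` fields (if they arrive wrapped in another envelope, pass the inner object instead); the sample messages and the helper `make_msg` are constructed for illustration.

```python
import json
from collections import Counter

def make_msg(rule, old, new, when):
    """Build a constructed SNS message body (invented values, not real account data)."""
    return json.dumps({
        "messageType": "ComplianceChangeNotification",
        "awsAccountId": "111122223333",
        "configRuleName": rule,
        "resourceType": "AWS::S3::Bucket",
        "resourceId": "example-bucket",
        "oldEvaluationResult": {"complianceType": old} if old else None,
        "newEvaluationResult": {"complianceType": new},
        "notificationCreationTime": when,
    })

# Constructed sample input, including noise a real mailbox/queue export would contain.
SAMPLE = [
    make_msg("s3-bucket-public-read-prohibited", "COMPLIANT", "NON_COMPLIANT", "2024-03-01T09:15:00.000Z"),
    make_msg("s3-bucket-public-read-prohibited", "NON_COMPLIANT", "COMPLIANT", "2024-03-01T10:02:00.000Z"),
    make_msg("encrypted-volumes", None, "NON_COMPLIANT", "2024-03-01T23:59:59.000Z"),
    make_msg("encrypted-volumes", "NON_COMPLIANT", "COMPLIANT", "2024-03-02T08:00:00.000Z"),
    json.dumps({"messageType": "ConfigurationItemChangeNotification"}),  # not a compliance change
    "not json",                                                          # malformed body
]

def summarize(messages):
    """Return (all compliance changes per day, new NON_COMPLIANT per day, NON_COMPLIANT per rule)."""
    per_day, bad_per_day, bad_per_rule = Counter(), Counter(), Counter()
    for raw in messages:
        try:
            msg = json.loads(raw)
        except (TypeError, ValueError):
            continue  # skip bodies that are not JSON
        if not isinstance(msg, dict) or msg.get("messageType") != "ComplianceChangeNotification":
            continue  # other Config message types do not indicate a compliance change
        day = str(msg.get("notificationCreationTime", ""))[:10]  # YYYY-MM-DD (UTC)
        new = (msg.get("newEvaluationResult") or {}).get("complianceType")
        old = (msg.get("oldEvaluationResult") or {}).get("complianceType")
        per_day[day] += 1
        # Count only transitions INTO non-compliance; returns to COMPLIANT also notify.
        if new == "NON_COMPLIANT" and old != "NON_COMPLIANT":
            bad_per_day[day] += 1
            bad_per_rule[msg.get("configRuleName", "unknown")] += 1
    return per_day, bad_per_day, bad_per_rule

if __name__ == "__main__":
    for name, counts in zip(("all/day", "non-compliant/day", "non-compliant/rule"), summarize(SAMPLE)):
        print(name, dict(counts))
```

Grouping by rule shows which controls generate most of the traffic, which helps decide where to remediate first or where to filter the SNS subscription.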
