2 Answers
- Newest
- Most votes
- Most comments
0
Fully customizable standards are coming in the future. Today, you can disable individual controls in a standard. This can only be done after you have enabled the standard.
Relevant docs:
https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-cis-to-disable.html
answered 4 years ago
0
Thank you, Ely. That is great to hear about fully customizable standards coming in the future. Also, thank you for confirming that we can only enable standards and then disable individual rules. That is what I thought.
answered 4 years ago
Relevant content
- asked a year ago
- asked 3 months ago
- asked 3 years ago
- AWS OFFICIALUpdated 2 days ago
- AWS OFFICIALUpdated 4 months ago
Hi Ely, so are we now able to add custom Security Standards in the security hub?
Hi Ely,
I don't see that this was ever released and we'd still like to be able to define a custom standard. Selecting rules from the existing standards would be perfectly acceptable for us. We know we can enable the standards via the API and then turn off individual rules, but we then have to monitor for new rules and add them to the script or we will have new AWS accounts with rules that we do not wish to be enabled. It would be so much easier to just select the rules we wish to have enabled and add them to a custom standard. We wouldn't have to constantly maintain the script that way and it would simplify the entire process. Please let us know if this is still planned.
Thank you, Jeff