Questions tagged with AWS Security Hub
AWS Security Hub is a cloud security posture management service that performs security best practice checks, aggregates alerts, and enables automated remediation.
Content language: English
Select tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
207 results
I'm trying to test AWS GuardDuty’s detection capability for "CredentialAccess:InstanceCredentialExfiltration" but haven't been able to trigger an alert. Here’s what I did:
Setup:
1.Launched an EC2 i...
Hi all
I deployed my landing zone through LZA - https://aws.amazon.com/solutions/implementations/landing-zone-accelerator-on-aws/. Now I want to configure Security Hub central configuration policy, h...
asked a month ago
Hi all
I set up NIST SP 800-53 Rev. 5 standard in my AWS Security Hub. I can see a control saying "[NetworkFirewall.6] Stateless Network Firewall rule group should not be empty". If I don't have any ...
asked a month ago
Hello,
## Environment Overview
* The organization has around 50 accounts.
* Three OUs (Organizational Units) apply different Security Hub standards.
## Issues Encountered
### When a new account is c...
Hi all
I see the same findings again and again. For example, let's I have a lambda which is not inside a VPC, then my AWS Config rule "lambda-in-vpc" creates findings everyday and send it to the AWS ...
asked 2 months ago
Hi all
I'm using AWS Security Hub, and I can see many FAILED controls due to some of the FAILED but intended resources. Can I ignore the FAILED status of some intended resource, i.e., make the contro...
asked 2 months ago
Hi all
I deployed a custom AWS Config conformance pack and I'd love to create a AWS Security Hub custom widget in the Summary page as follows:
1. Filter findings using: Title CONTAINS "conformance-p...
asked 2 months ago
I received the following solutions for labeling a URL in a python lambda function:
To label or name a URL in a Python Lambda function used in an SNS message, you can use HTML formatting within your me...
I am running a lambda function to get the security group of instances. Here is part of the lambda function that is failing
def get_security_groups(instance_id):
try:
response = ec2.descr...
looking to see if there is a way to get an instance's security group from a Security Hub finding.
I have the following lambda function used to pull HIGH and CRITICAL findings. There is a requirement...
I am managing 2 AWS accounts. I have a lambda function that I am using to query AWS Security Hub Findings, securityhub.get_findings. I am trying to reuse this lambda function that is working in acco...
I have a lambda function that I am using securityhub.get_findings to pull AWS Security Hub Findings. I am trying to filter all HIGH and CRITICAL finding, along with specific findings that CONTAIN a c...