AWS Security Hub provides security alerts and compliance information related to Amazon Web Service accounts, services, and supported third-party partner products. It aggregates, organizes, and prioritizes security alerts, or findings, from multiple AWS services, such as Amazon GuardDuty and Amazon Cloudwatch. Amazon Cloudwatch is native to AWS Security Hub and has event rules that allows prioritization and grouping findings into tickets or automated remediation systems. GuardDuty is a managed threat detection service that uses machine learning to safeguard critical AWS accounts and services from malicious activity and other security threats. It monitors and logs activity within the AWS environment, provides recommendations for remediation and assigns severity to those issues. GuardDuty offers seamless integration with AWS Cloudwatch events and Lambda to provide automated remediation plans.
With the AWS Security Hub integration with Archer, organizations can standardize the findings from all these sources eliminating the need to convert the data for analysis. It allows organizations to automatically import data from AWS Security Hub directly into Archer. Organizations will have visibility into the AWS Security Hub findings and can analyze the data to prioritize security alerts that impact the organization the most. They can report on their findings and update AWS Security Hub from Archer.
Key Features
The AWS Security Hub integration enables organizations to:
- Capture and prioritize security findings across AWS services and partner offerings
- Generate findings from AWS accounts and services into a centralized location
- Configuration and compliance checks to identify accounts or resources that require attention
- Automate threat detection service to monitor AWS accounts for potential malicious activity and vulnerabilities
Solution and Platform Information
- Solution Area: Archer IT & Security Risk Management
- Prerequisite Use Cases:
- Supported Platform Version: This offering has been validated on Archer Platform release 6.7.
- Supported Archer Environments:
- On-Premises
- Archer Hosted
- Archer SaaS
Archer On-Demand Application (ODA) Licenses
Two (2) Archer On-Demand Application (ODA) licenses are required for the AWS Security Hub Integration.
For More Information
To learn more about the AWS Security Hub certified integration:
- Review the Implementation Guide; and
- Download the Installation Package.
The AWS Security Hub Integration is an offering provided through the Archer Exchange to enhance your existing Archer implementation. To learn more about the Archer Exchange, please visit the Archer Exchange on the Archer Community.
For Additional Support
To learn more about this offering, please contact your Account Rep for additional details. For technical support questions regarding this offering, please open a support case.
