1. AWS Security Hub Partners
  2. AWS Security Hub Security Blogs
  3. AWS re:Post questions for AWS Security Hub
  4. AWS Security Hub FAQs
  5. AWS Security Hub Pricing
  6. Free Cybersecurity Training
  7. Automated response & remediation
    1. EventBridge (Enrichment, Actions, Notifications)
      1. AWS Solutions
      2. Lambda
      3. AWS Systems Manager Automation
      4. Amazon Kinesis Data Streams
      5. AWS Step Functions
      6. Amazon SNS
      7. Amazon SQS queue
      8. Integration with 3rd party platform
        1. Sample security partners (Dec 2021)
        2. SIEM
        3. SOAR
        4. Instant messaging (Slack, PagerDuty, etc.)
        5. Ticketing systems
  8. AWS Trusted Advisor
  9. AWS Chatbot
  10. Pivot to Amazon Detective
  11. Audit Manager
    1. Audit Reports
  12. Sources
    1. Security Hub Integrated Standards (via AWS Config)
      1. CIS AWS Foundations Benchmark
      2. PCI DSS
      3. AWS Foundational Security Best Practices standard
    2. AWS internal sources
      1. IAM Access Analizer
        1. External Access Granted
      2. System Manager Patch Manager
        1. Inventory
        2. Compliance
      3. AWS Firewall Manager
        1. WAF Policy
        2. ACL Rules
        3. AWS Shield
        4. DNS Firewall
        5. AWS Network Firewall
      4. Amazon Inspector
        1. Amazon EC2
        2. Containers in ECR
      5. Macie
        1. Amazon S3
          1. Publicly accessible buckets
          2. Unencrypted buckets
          3. Buckets shared with AWS accounts / Organizations
          4. Identify & Alert on personally identifiable information (PII)
      6. AWS Health
      7. GuardDuty
        1. CloudTrail Event Logs
        2. CloudTrail Management Events
        3. CloudTrail S3 Data Events
        4. VPC Flow Logs
        5. DNS logs
        6. GuardDuty for EKS
          1. New Security Blog!
        7. Threat intelligence (IP and domains)
          1. AWS Security
          2. 3rd party providers
          3. Proofpoint
          4. CrowdStrike
          5. Custom threat lists
    3. 3rd party AWS Partner Network (APN) (some bi-directional)
      1. Anti-Malware
      2. Compliance solutions
      3. Firewalls
      4. Vulnerability managers