Let's quickly go through some important concepts around Security Hub and its related services:
- Security Hub is a regional service. If cost is not a constraint, it is recommended to enable it in all regions.
- Security Hub can integrate with third-party security tools such as Alert Logic, Armor, Atlassian Opsgenie, and more.
- We can archive security findings from the Findings page so that older ones won't appear on the page.
- The Center for Internet Security (CIS) provides security standards for different servers, applications, and cloud providers. For example, they provide a set of security standards that are specific to AWS security.
- CIS Benchmarks for AWS fall into four categories: identity and access management, logging, monitoring, and networking.
- IAM Access Analyzer uses logic-based reasoning to analyze resource-based policies in our AWS environment to inform us which resources in our account are shared with external principals.
- AWS Firewall Manager can be used to manage firewall rules across accounts and applications.
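
To make the IAM Access Analyzer item above concrete, here is an added example (not code from AWS or from the original text) that scans a resource-based policy for principals outside the owning account. It is a simplified syntactic check rather than the logic-based reasoning Access Analyzer performs: it ignores `Condition` keys, and the account IDs, bucket name, and policy are constructed sample values.

```python
# Constructed sample: an S3 bucket policy owned by hypothetical account 111111111111.
ACCOUNT_ID = "111111111111"
SAMPLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "SameAccount", "Effect": "Allow",
         "Principal": {"AWS": "arn:aws:iam::111111111111:role/app"},
         "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
        {"Sid": "Partner", "Effect": "Allow",
         "Principal": {"AWS": ["arn:aws:iam::222222222222:root", "111111111111"]},
         "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
        {"Sid": "Public", "Effect": "Allow", "Principal": "*",
         "Action": "s3:ListBucket", "Resource": "arn:aws:s3:::example-bucket"},
        {"Sid": "DenyOther", "Effect": "Deny",
         "Principal": {"AWS": "arn:aws:iam::333333333333:root"},
         "Action": "s3:*", "Resource": "*"},
    ],
}


def _as_list(value):
    """Policy fields may hold a single value or a list; normalize to a list."""
    return value if isinstance(value, list) else [value]


def _principal_account(principal):
    """Return the account ID of an AWS principal (ARN or bare 12-digit ID), else None."""
    if principal.isdigit() and len(principal) == 12:
        return principal
    parts = principal.split(":")
    return parts[4] if principal.startswith("arn:") and len(parts) > 5 else None


def external_principals(policy, account_id):
    """Return (Sid, principal) pairs from Allow statements that reach outside account_id."""
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements do not share access
        principal = stmt.get("Principal", {})
        if principal == "*":
            principal = {"AWS": "*"}  # anonymous access
        for kind, values in principal.items():
            for p in _as_list(values):
                # Assumption of this sketch: Service and Federated principals
                # and "*" are all reported as outside the account.
                if kind != "AWS" or _principal_account(p) != account_id:
                    findings.append((stmt.get("Sid", ""), p))
    return findings
```
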

Learning about and understanding the CIS security benchmark controls for AWS will give us a better sense of security while working with AWS infrastructure. These controls can also help us make better decisions at work and even during exams.