Home/Glossary/AWS Security Hub

AWS Security Hub

AWS service that aggregates security findings from multiple AWS services and third-party tools, providing a unified view of security posture.

Cloud SecurityAlso called: "security hub", "aws cspm"

AWS Security Hub centralizes security alerts and compliance status across AWS accounts and services.

Key capabilities

  • Finding aggregation: Collects findings from GuardDuty, Inspector, Macie, and more.
  • Security standards: Automated checks against CIS, PCI DSS, AWS Foundational.
  • Security score: Overall compliance percentage by standard.
  • Cross-account: Aggregate findings across AWS Organizations.
  • Integrations: Third-party security tool findings.

Integrated AWS services

  • Amazon GuardDuty (threat detection).
  • Amazon Inspector (vulnerability scanning).
  • Amazon Macie (data discovery).
  • AWS Firewall Manager (firewall compliance).
  • IAM Access Analyzer (access findings).
  • AWS Config (configuration compliance).

Security standards included

  • CIS AWS Foundations Benchmark.
  • AWS Foundational Security Best Practices.
  • PCI DSS v3.2.1.
  • NIST SP 800-53.

Automation capabilities

  • EventBridge integration for automated response.
  • Custom actions for manual workflows.
  • Automated remediation with Lambda.

Best practices

  • Enable in all regions you operate.
  • Aggregate to a central security account.
  • Prioritize critical and high findings first.
  • Suppress false positives with suppression rules.
  • Integrate with ticketing systems for tracking.

Pricing

  • Per security check and finding ingested.
  • 30-day free trial for new accounts.

Related Tools

Related Articles

View all articles
30 Cloud Security Tips for 2026: Essential Best Practices for Every Skill Level

30 Cloud Security Tips for 2026: Essential Best Practices for Every Skill Level

Master cloud security with 30 actionable tips covering AWS, Azure, and GCP.

Read article →
Cloud Migration & Validation Workflow | Complete Migration

Cloud Migration & Validation Workflow | Complete Migration

Execute flawless cloud migrations using proven 7R strategies, AWS Well-Architected Framework, and comprehensive validation at every stage—from discovery to production optimization.

Read article →
CI/CD Pipeline Security Workflow | DevSecOps Best Practices

CI/CD Pipeline Security Workflow | DevSecOps Best Practices

Master the complete CI/CD pipeline security workflow from secrets management to SLSA framework implementation. Implement SAST, DAST, SCA, artifact signing, and policy enforcement to secure your software supply chain.

Read article →
What are CIS Cloud Benchmarks?

What are CIS Cloud Benchmarks?

Learn about CIS Cloud Benchmarks, how they provide prescriptive security guidance for cloud platforms, and how to use them to harden your cloud infrastructure.

Read article →

Explore More Cloud Security

View all terms

Cloud Security Posture Management (CSPM)

Continuous monitoring and remediation of cloud misconfigurations across accounts, services, and regions.

Read more →

Cloud Workload Protection Platform (CWPP)

Security tooling that safeguards cloud-native workloads—containers, serverless functions, and VMs—across build and runtime.

Read more →

Cloud-Native Application Protection Platform (CNAPP)

A unified security platform that combines CSPM, CWPP, and other cloud security capabilities into a single solution.

Read more →

Microsegmentation

A network security technique that divides the network into isolated segments, applying granular access controls between workloads.

Read more →

Shared Responsibility Model

A framework that outlines which security tasks the cloud provider handles versus what the customer must secure.

Read more →

Virtual Private Cloud (VPC)

An isolated virtual network within a cloud provider where you can launch resources with control over IP addressing, subnets, and routing.

Read more →
Back to glossary