View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

AWS Security Hub Comes Out of Beta: Here’s What It Will Cost

"Simple to activate these compliance checks automatically.”

By CBR Staff Writer

Amazon says its AWS Security Hub is now generally available for all customers, six months after its beta launch late last year.

AWS Security Hub acts as a central command centre that consolidates findings from AWS myriad security services, including intrusion detection findings from Amazon GuardDuty, vulnerability scans from Amazon Inspector, and S3 bucket policy findings from Amazon Macie.

It also consolidates findings from 30 other third-party security tools. All findings are stored for 90 days.

The system lets user run continuous compliance checks using industry standards and best practices as a guideline. The release comes as users have struggled to centrally monitor security across AWS’s dizzying amount of features and third-party applications that can be deployed by an organisation.

The first 100,000 checks per month will cost $0.0010 per check, AWS said. At over 500,000 compliance checks per month that cost halves. When it comes to finding ingestion events associated with Security Hub’s compliance checks, the service is free up to 10,000 checks; $0.00003 per event thereafter.

Dan Plastina, Vice President for External Security Services at AWS said in a release: “AWS Security Hub is the glue that connects what AWS and our security partners do to help customers manage and reduce risk. By combining automated compliance checks, the aggregation of findings from more than 30 different AWS and partner sources, and partner-enabled response and remediation workflows, AWS Security Hub gives customers a simple way to unify management of their security and compliance.”

The release comes as AWS continues to ratchet up its security offering, adding 239 new security features in 2018 alone.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

AWS Security Hub

The AWS Security Hub uses GuardDuty, AWS’ continuous security monitoring software that processes an average of 92.7 million flow log records per second.

To do this it uses machine learning to identify suspicious, unexpected activity or unauthorised access. The software also compares against stored lists containing malicious IPs and domains. If the software detects a sudden escalation of privileges it flags the activity as suspect.

Read More: Google to Amazon: We’ll See Your Security Hub and Raise You a Command Centre

AWS Security Hub

The AWS Security Hub is certified with all the standard security certifications from ISO 27001 to PCI DSS Level 1.

The hub pulls in data from different sources using a standard findings format in order to erase the time spent cleaning and converting data. The AWS Security Hub works in conjunction with other AWS applications such as AWS Lambda which lets user mitigate risks with executed automated actions.

AWS rolled out Pokémon International Company, creators of the mobile application Pokémon GO, as a case study. The company uses AWS Security Hub to support compliance.

Jacob Bornemann, Senior Information Security Engineer at the company said: “The Pokémon International Company faces a wide variety of regulations and compliance requirements that govern how our AWS workloads must be managed.”

“We were considering building out our own compliance rules for the CIS AWS Foundations Benchmark, but AWS Security Hub made it simple to activate these compliance checks automatically.”

For customers concerned at the security of AWS’s own infrastructure, the company says it uses its own silicon with trust enclaves built into chips, hardware crypto accelerators built into cards and conducts regular physical and virtual penetration testing.

As AWS’s CISO Steve Schmidt said at a press Q&A following his “State of Security” talk at Re:Invent late last year: “We don’t trust suppliers: we replace the firmware we get on all of our devices. On every single machine. If its got BIOS, UEFI, it all gets replaced. Some firmware in GPUs is not accessible so we replace with firmware that we’ve validated is functioning properly and can cryptographically can prove is functioning correctly.”

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.