Home/Glossary/AWS Security Hub

AWS Security Hub

AWS service that aggregates security findings from multiple AWS services and third-party tools, providing a unified view of security posture.

Cloud SecurityAlso called: "security hub", "aws cspm"

AWS Security Hub centralizes security alerts and compliance status across AWS accounts and services.

Key capabilities

  • Finding aggregation: Collects findings from GuardDuty, Inspector, Macie, and more.
  • Security standards: Automated checks against CIS, PCI DSS, AWS Foundational.
  • Security score: Overall compliance percentage by standard.
  • Cross-account: Aggregate findings across AWS Organizations.
  • Integrations: Third-party security tool findings.

Integrated AWS services

  • Amazon GuardDuty (threat detection).
  • Amazon Inspector (vulnerability scanning).
  • Amazon Macie (data discovery).
  • AWS Firewall Manager (firewall compliance).
  • IAM Access Analyzer (access findings).
  • AWS Config (configuration compliance).

Security standards included

  • CIS AWS Foundations Benchmark.
  • AWS Foundational Security Best Practices.
  • PCI DSS v3.2.1.
  • NIST SP 800-53.

Automation capabilities

  • EventBridge integration for automated response.
  • Custom actions for manual workflows.
  • Automated remediation with Lambda.

Best practices

  • Enable in all regions you operate.
  • Aggregate to a central security account.
  • Prioritize critical and high findings first.
  • Suppress false positives with suppression rules.
  • Integrate with ticketing systems for tracking.

Pricing

  • Per security check and finding ingested.
  • 30-day free trial for new accounts.

Related Tools

Related Articles

View all articles
30 Cloud Security Tips for 2026: Essential Best Practices for Every Skill Level

30 Cloud Security Tips for 2026: Essential Best Practices for Every Skill Level

Master cloud security with 30 actionable tips covering AWS, Azure, and GCP.

Read article →
The Cloud Shared Responsibility Model Explained: AWS, Azure, and GCP

The Cloud Shared Responsibility Model Explained: AWS, Azure, and GCP

Understand who secures what in AWS, Azure, and GCP. The shared responsibility model defines security boundaries between cloud providers and customers.

Read article →
What Is CSPM? Cloud Security Posture Management Explained

What Is CSPM? Cloud Security Posture Management Explained

Learn what Cloud Security Posture Management (CSPM) is, how it works, and why its essential for preventing cloud misconfigurations.

Read article →
CI/CD Pipeline Security Workflow | DevSecOps Best Practices

CI/CD Pipeline Security Workflow | DevSecOps Best Practices

Master the complete CI/CD pipeline security workflow from secrets management to SLSA framework implementation. Implement SAST, DAST, SCA, artifact signing, and policy enforcement to secure your software supply chain.

Read article →

Explore More Cloud Security

View all terms

CASB (Cloud Access Security Broker)

A security solution that sits between cloud service users and cloud applications to enforce security policies, provide visibility, and protect data.

Read more →

Cloud Security Posture Management (CSPM)

Continuous monitoring and remediation of cloud misconfigurations across accounts, services, and regions.

Read more →

Cloud Workload Protection Platform (CWPP)

Security tooling that safeguards cloud-native workloads—containers, serverless functions, and VMs—across build and runtime.

Read more →

Cloud-Native Application Protection Platform (CNAPP)

A unified security platform that combines CSPM, CWPP, and other cloud security capabilities into a single solution.

Read more →

Microsegmentation

A network security technique that divides the network into isolated segments, applying granular access controls between workloads.

Read more →

Shared Responsibility Model

A framework that outlines which security tasks the cloud provider handles versus what the customer must secure.

Read more →
Back to glossary