Today at re:Invent, Amazon revealed the AWS Security Hub, a security service that provides AWS cloud customers with a comprehensive view of their security state within AWS. Guardicore has worked with AWS over the past weeks to provide support and integration to this service. While AWS provides some built-in security capabilities, customers require additional capabilities that can only be provided by third-party companies like Guardicore.
Both Guardicore Centra and Infection Monkey now integrate with the AWS Security Hub. This integration provides a lot of value to customers. Early feedback is extremely positive and AWS customers would find it interesting to test both integrations:
GuardiCore Centra Integration with AWS Security Hub
GuardiCore Centra, our flagship product, secures any cloud-private or public. Security Incidents will be forwarded to the AWS Security Hub and can be managed through the console or consumed by other security products.
Infection Monkey Integration with AWS Security Hub
The Infection Monkey is an open source Breach and Attack Simulation (BAS) tool that assesses the resiliency of private and public cloud environments to post-breach attacks and lateral movement. Its integration with the AWS Security Hub allows anyone to verify and test the resilience of their AWS environment and correlate this information with the native security solutions and benchmark score.
Working on the integration was fun. Since both Centra and Infection Monkey have integration points and can run on AWS, adding reporting interfaces to the Security Hub was a straightforward task.
We believe that the AWS Security Hub represents a good approach, allowing for more shared security insights from more vendors in order to improve the overall security posture of your environment. It detects security findings and alerts generated by other AWS security services, other security solutions (like GuardiCore Centra and Infection Monkey) and aggregates those findings and alerts within each supported AWS region.
During the beta period the service provided integration with Amazon GuardDuty, Amazon Inspector, and Amazon Macie and added new capabilities by running CIS benchmark check for AWS workloads. We are looking forward to your feedback. Tell us- what do you think about the integration?