implementing-aws-security-hub
Installation
SKILL.md
Implementing AWS Security Hub
When to Use
- When establishing a centralized security findings dashboard across multiple AWS accounts
- When enabling automated compliance checks against CIS, PCI-DSS, NIST, or AWS Foundational Security Best Practices
- When integrating findings from GuardDuty, Inspector, Macie, and third-party security tools
- When building automated remediation workflows for recurring security misconfigurations
- When preparing compliance evidence for auditors requiring continuous posture monitoring
Do not use for real-time threat detection (see detecting-cloud-threats-with-guardduty), for Azure compliance monitoring (see securing-azure-with-microsoft-defender), or for deep vulnerability scanning of container images (see securing-container-registry).
Prerequisites
- AWS Organization with a designated security administrator account
- AWS Config enabled in all target accounts and regions
- GuardDuty, Inspector, and Macie activated for finding integration
- IAM permissions for securityhub:* and config:* in the administrator account