AWS Security Hub Cloud Security Posture Management (CSPM) now supports the Center for Internet Security (CIS) AWS Foundations Benchmark v5.0. This industry-standard benchmark provides security configuration best practices for AWS with clear implementation and assessment procedures. The new standard includes 40 controls that perform automated checks against AWS resources to evaluate compliance with the latest version 5.0 requirements. The standard is now available in all AWS Regions where Security Hub CSPM is currently available, including the AWS GovCloud (US) and the China Regions. To quickly enable the standard across your AWS environment, we recommend that you use Security Hub CSPM central configuration. With this approach, you can enable the standard in all or only some of your organization's accounts and across all AWS Regions that are linked to Security Hub CSPM with a single action. To learn more, see CIS v5.0 in the AWS Security Hub CSPM User Guide. To receive notifications about new Security Hub CSPM features and controls, subscribe to the Security Hub CSPM SNS topic. You can also try Security Hub at no cost for 30 days with the AWS Free Tier offering.

https://aws.amazon.com/security-hub/ now supports automated security checks that align with the National Institute of Standards and Technology (NIST) Special Publication 800-171 Revision 2 (NIST SP 800-171 Rev. 2). NIST SP 800-171 Rev. 2 is a cybersecurity and compliance framework developed by NIST, an agency that's part of the U.S. Department of Commerce. This compliance framework provides recommended security requirements for protecting the confidentiality of Controlled Unclassified Information (CUI) in systems and organizations that aren't part of the U.S. federal government. In Security Hub, the NIST SP 800-171 Rev. 2 standard includes 63 automated controls that perform automated checks against AWS resources to evaluate compliance with NIST SP 800-171 Rev. 2 requirements. The new standard is now available in all AWS Regions where Security Hub is currently available, including the AWS GovCloud (US) and the China Regions. To quickly enable the standard across your AWS environment, we recommend that you use Security Hub central configuration. With this approach, you can enable the standard in all or only some of your organization's accounts and across all AWS Regions that are linked to Security Hub with a single action. To learn more, see https://docs.aws.amazon.com/securityhub/latest/userguide/standards-reference-nist-800-171.html in the AWS Security Hub User Guide. To receive notifications about new Security Hub features and controls, subscribe to the https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-announcements.html. You can also try https://aws.amazon.com/security-hub/pricing/ with the AWS Free Tier offering.

背景AWSSecurityHubがAWSCloudFormationを使用した管理機能の強化を発表で以下のようなupdateJunがありましたまた新しい

AWS announces an enhanced AWS Security Hub to prioritize your critical security issues and help respond at scale to reduce security risks, improve your team’s productivity, and protect your cloud environment. It detects critical issues by correlating and enriching security signals, for example, from threat detection and vulnerability management. This enables you to quickly surface and prioritize active risks in your cloud environment. The unified solution provides more comprehensive visibility into your security posture while reducing the complexity of manually piecing together information from multiple security tools. Security Hub transforms correlated security signals into actionable insights through intuitive visualizations and contextual analytics, helping you identify critical patterns and trends and centralize security operations in your environment. For example, it detects and correlates scenarios where publicly exposed resources with highly exploitable vulnerabilities have access to storage with sensitive data. These insights provide enhanced risk context so you can make more informed decisions and take immediate action on security issues. Enhanced capabilities include exposure findings, security-focused asset inventory, attack path visualization, and automated response workflows with ticketing system integration. This centralized management enables streamlined remediation at scale while helping you minimize potential operational disruptions.  For more information about AWS Regions where Security Hub is available, see the https://aws.amazon.com/about-aws/global-infrastructure/regional-product-services/?p=ngi&loc=4. You can enable Security Hub for individual accounts or across your entire AWS Organization with centralized deployment and management. The service integrates with existing AWS security capabilities including Amazon GuardDuty, Amazon Inspector, AWS Security Hub CSPM, and Amazon Macie, providing more comprehensive security posture without additional operational overhead.   To learn more about the enhanced Security Hub and join the Preview, visit the https://console.aws.amazon.com/securityhub/v2/home or the AWS Security Hub https://aws.amazon.com/security-hub/. 

先ほどのアップデートでAWSSecurityHubの組織への展開がセキュリティ標準やコントロールなどをカスタマイズして設定できるようになりました何が嬉しいのかSecurityHubのOrganizat

AWS Security Hub now supports automated security checks aligned to the Payment Card Industry Data Security Standard (PCI DSS) v4.0.1. PCI DSS is a compliance framework that provides a set of rules and guidelines for safely handling credit and debit card information. PCI DSS standard in Security Hub provides a set of AWS security best practices that support you in protecting your cardholder data environments (CDE). Security Hub PCI DSS v4.0.1 includes 144 automated controls that conduct continual checks against PCI DSS requirements. The new standard is now available in all public AWS Regions where Security Hub is available and in the AWS GovCloud (US) Regions. To quickly enable the new standard across your AWS environment, we recommend you using Security Hub central configuration. This will allow you to enable the standard in some or all of your organization accounts and across all AWS Regions that are linked to Security Hub with a single action. If you currently use PCI v3.2.1 standard in Security Hub, but want to use only v4.0.1, enable the newer version before disabling the older version. This prevents gaps in your security checks. To get started, consult the following list of resources: Learn more about Security Hub capabilities and features in the AWS Security Hub user guide Subscribe to the Security Hub SNS topic to receive notifications about new Security Hub features and controls Try Security Hub at no cost for 30 days on the AWS Free Tier.

こんにちはカスタマーソリューション部のこーへいですAWSSecurityHub以降SecurityHubの設定項目の一つである統合されたコントロールの検出結果は設定切り替え時に既存の検出結果がアーカイ

こんにちは臼田ですみなさんreInvent楽しんでますか挨拶今回はAWSSecurityHubのコントロールでパラメータを取るものの一部がパラメータをカスタマイズできるようになりましたのでこれを検証

AWS公式ドキュメント概要AWSSecurityHubはAWS上でのセキュリティとコンプライアンスの中央集権的な管理監視および洞察を提供するサービスです主な機能としては以下のような

AWS Security Hub has released 7 new security controls, increasing the total number of controls offered to 437. Security Hub released new controls for Amazon Simple Notification Service (Amazon SNS) topic and AWS Key Management Service (AWS KMS) keys checking for public access. Security Hub now supports additional controls for encryption checks for key AWS services such as AWS AppSync and Amazon Elastic File System (Amazon EFS). For the full list of recently released controls and the AWS Regions in which they are available, visit the Security Hub user guide. To use the new controls, turn on the standard they belong to. Security Hub will then start evaluating your security posture and monitoring your resources for the relevant security controls. You can use central configuration to do so across all your organization accounts and linked Regions with a single action. If you are already using the relevant standards and have Security Hub configured to automatically enable new controls, these new controls will run without taking any additional action. To get started, consult the following list of resources: Learn more about Security Hub capabilities and features in the AWS Security Hub user guide Subscribe to the Security Hub SNS topic to receive notifications about new Security Hub features and controls Try Security Hub at no cost for 30 days on the AWS Free Tier.

AWS Security Hub now supports Amazon Route 53 Resolver DNS Firewall, allowing you to receive security findings for DNS queries made from your Amazon VPCs for domains suspected as malicious or identified as low-reputation. Route 53 Resolver DNS Firewall is a managed firewall that enables you to block DNS queries made for malicious domains and to allow queries for trusted domains. Today, AWS Security Hub gives you a comprehensive view of your security alerts and compliance status across your AWS accounts. This integration allows you to enable three new finding types for Security Hub. You can now receive security findings for queries blocked or alerted on for domains associated with AWS Managed Domain Lists, customer domain lists, and threats identified by Route 53 Resolver DNS Firewall Advanced. With this launch, you now have a single place to view security findings for your accounts that may be associated with malicious DNS queries, alongside findings from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, and Amazon Macie. The feature is available in all AWS Regions where Amazon Route 53 Resolver DNS Firewall is available. See here for the list of AWS Regions where Route 53 Resolver DNS Firewall is available. To learn more about AWS Security Hub capabilities, see the AWS Security Hub documentation. To learn more about Route 53 Resolver DNS Firewall, see the product page or documentation.

AWS Security Hub now supports automated security checks that align with the National Institute of Standards and Technology (NIST) Special Publication 800-171 Revision 2 (NIST SP 800-171 Rev. 2). NIST SP 800-171 Rev. 2 is a cybersecurity and compliance framework developed by NIST, an agency that's part of the U.S. Department of Commerce. This compliance framework provides recommended security requirements for protecting the confidentiality of Controlled Unclassified Information (CUI) in systems and organizations that aren't part of the U.S. federal government. In Security Hub, the NIST SP 800-171 Rev. 2 standard includes 63 automated controls that perform automated checks against AWS resources to evaluate compliance with NIST SP 800-171 Rev. 2 requirements. The new standard is now available in all AWS Regions where Security Hub is currently available, including the AWS GovCloud (US) and the China Regions. To quickly enable the standard across your AWS environment, we recommend that you use Security Hub central configuration. With this approach, you can enable the standard in all or only some of your organization's accounts and across all AWS Regions that are linked to Security Hub with a single action. To learn more, see NIST SP 800-171 Revision 2 in the AWS Security Hub User Guide. To receive notifications about new Security Hub features and controls, subscribe to the Security Hub SNS topic. You can also try Security Hub at no cost for 30 days with the AWS Free Tier offering.

【 #ITニュース 】AWS、新しい「AWS Security Hub」のプレビューリリースを発表 #AWSSecurityHub #CodeZine

AWS Security Hub has been enhanced with new capabilities that integrate multiple AWS security services to automatically discover resources, evaluate risks, analyze attack paths, and provide AI-assisted...

https://aws.amazon.com/security-hub/cspm/features/) now supports the Center for Internet Security (CIS) AWS Foundations Benchmark v5.0. This industry-standard benchmark provides security configuration best practices for AWS with clear implementation and assessment procedures. The new standard includes 40 controls that perform automated checks against AWS resources to evaluate compliance with the latest version 5.0 requirements. The standard is now available in all AWS Regions where Security Hub CSPM is currently available, including the AWS GovCloud (US) and the China Regions. To quickly enable the standard across your AWS environment, we recommend that you use Security Hub CSPM central configuration. With this approach, you can enable the standard in all or only some of your organization's accounts and across all AWS Regions that are linked to Security Hub CSPM with a single action. To learn more, seehttps://docs.aws.amazon.com/securityhub/latest/userguide/cis-aws-foundations-benchmark.html in the AWS Security Hub CSPM User Guide. To receive notifications about new Security Hub CSPM features and controls, subscribe to the https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-announcements.html. You can also try https://aws.amazon.com/security-hub/pricing/ with the AWS Free Tier offering.

こんにちは人事部の高田です年月日株式会社アンドパッドさんと合同でプロポーザル供養会を開催しましたのでその様子をご報告しますプロポーザル供養会イベントの内容イベントタイトルはプロポーザル供養会ですCNDTとYAPCHiroshimaで惜しくもrejectとなってしまったプロポーザルをお披露目する会でした発表内容登壇者とトークテーマは下記の通りでした発表者所属タイトルfujiwaraカヤック隙間家具OSS開発で自分の庭をつくるcommojunカヤック長年運用されているWebサービスと通信をするクライアントをGoで作ってみた話KyosukeICHIKAWAカヤックGoogleCloudOperationsSuiteで実現する頑張らないオブザーバビリティmuziyoshizアンドパッドAWSSecurityHubを有効化したけど見てない人に向けたDevSecOpsの実現方法あかりアンドパッドECからの脱出劇多用途なサーバの全役割をサーバレス・コンテナ環境へcassiusアンドパッドRubyonRailsSidekiq構成のモノリシックサービスをコンテナ化した話一部の資料は上記の表のタイトル部分がリンクになっていますのでぜひご覧くださいこの記事ではカヤック人の発表内容を簡単に紹介していきます隙間家具OSS開発で自分の庭をつくるfujiwaraです今回は自分がここ数年作り続けた隙間家具OSSの開発によって得られた小さいソフトウェアを個人で開発してメンテし続けることによって得られるメリットをお伝えする発表をしましたこのトークは残念ながらYAPCHiroshimaでは落選してしまいましたが別のトークで発表できることになったので参加されるかたはそちらもお楽しみに長年運用されているWebサービスと通信をするクライアントをGoで作ってみた話commojunです今回はYAPCHiroshimaというカンファレンスに落選した内容についてお話させてもらいました新しい挑戦をするときの苦しみについて共感してもらえたように思いますGoogleCloudOperationsSuiteで実現するquot頑張らないオブザーバビリティquot市川です今回はCNDTの落選供養ブログ投稿をベースに列挙した項目について少しだけ深掘りする発表をしましたtechblogkayaccom発表内でも触れましたがOpenTelemetryについてはアドベントカレンダー日目のブログ投稿を予定しています特にMetrics関連で新しい発見を提供できると思われますので是非ご期待くださいまとめ惜しくも採択されなかったプロポーザルたちでしたがどれも興味深い内容でした今後もこのような勉強会を開催していくのでみなさんのご参加をお待ちしていますカヤックでは勉強会が好きなエンジニアも募集していますhubspotkayaccom

あしざわですreInvent楽しんでいますかところで皆さんAWSSecurityHub使っていますかもちろん使ってますよねAWSSecurityHubはその他のAWSのセキュリテ

困っていた内容IAMユーザーを作成したところSecurityHubの料金が急に高くなりました対象の環境ではIAMユーザー以外のリソースは作成していませんSecurityHubは全リージョンで有効

こんにちは森田です先日のreInventでSecurityHubでコントロールのパラメータカスタマイズができるようになりましたドキュメントを確認してみるとAWSOrganizations

AWS Security Hub has been enhanced with new capabilities that integrate multiple AWS security services to automatically discover resources, evaluate risks, analyze attack paths, and provide AI-assisted recommendations, helping security teams prioritize critical issues and respond to threats at scale with improved visualization and remediation guidance.

AWS、新しい「AWS Security Hub」のプレビューリリースを発表 #AWSSecurityHub #ITニュース

AWS announces an enhanced AWS Security Hub to prioritize your critical security issues and help respond at scale to reduce security risks, improve your team’s productivity, and protect your cloud environment. It detects critical issues by correlating and enriching security signals, for example, from threat detection and vulnerability management. This enables you to quickly surface and prioritize active risks in your cloud environment. The unified solution provides more comprehensive visibility into your security posture while reducing the complexity of manually piecing together information from multiple security tools. Security Hub transforms correlated security signals into actionable insights through intuitive visualizations and contextual analytics, helping you identify critical patterns and trends and centralize security operations in your environment. For example, it detects and correlates scenarios where publicly exposed resources with highly exploitable vulnerabilities have access to storage with sensitive data. These insights provide enhanced risk context so you can make more informed decisions and take immediate action on security issues. Enhanced capabilities include exposure findings, security-focused asset inventory, attack path visualization, and automated response workflows with ticketing system integration. This centralized management enables streamlined remediation at scale while helping you minimize potential operational disruptions.  For more information about AWS Regions where Security Hub is available, see the AWS Region table. You can enable Security Hub for individual accounts or across your entire AWS Organization with centralized deployment and management. The service integrates with existing AWS security capabilities including Amazon GuardDuty, Amazon Inspector, AWS Security Hub CSPM, and Amazon Macie, providing more comprehensive security posture without additional operational overhead.   To learn more about the enhanced Security Hub and join the Preview, visit the AWS Security Hub console or the AWS Security Hub product page.

Today, AWS announces the general availability of AWS Security Incident Response, a new service that helps you prepare for, respond to, and recover from security events. This service offers automated monitoring and investigation of security findings to free up your resources from routine tasks, communication and collaboration features to streamline response coordination, and direct 24/7 access to the AWS Customer Incident Response Team (CIRT). Security Incident Response integrates with existing detection services, such as Amazon GuardDuty, and third-party tools through AWS Security Hub to rapidly review security alerts, escalate high-priority findings, and, with your permission, implement containment actions. It reduces the number of alerts your team needs to analyze, saving time and allowing your security personnel to focus on strategic initiatives. The service centralizes all incident-related communications, documentation, and actions, making coordinated incident response across internal and external stakeholders possible and reducing the time to coordinate from hours to minutes. You can preconfigure incident response team members, set up automatic notifications, manage case permissions, and use communication tools like video conferencing and in-console messaging during security events. By accessing the service through a single, centralized dashboard in the AWS Management Console, you can monitor active cases, review resolved security incident cases, and track key metrics, such as the number of triaged events and mean time to resolution, in real time. If you require specialized expertise, you can connect 24/7 to the AWS CIRT in only one step. For more information about AWS Regions where Security Incident Response is available, refer to the following service https://docs.aws.amazon.com/security-ir/latest/userguide/supported-configs.html. To get started, visit the https://us-east-1.console.aws.amazon.com/security-ir, and explore the https://aws.amazon.com/security-incident-response/ to learn more. For configuration details, refer to the Security Incident Response User Guide.

Today, AWS announces the general availability of AWS Security Incident Response, a new service that helps you prepare for, respond to, and recover from security events. This service offers automated monitoring and investigation of security findings to free up your resources from routine tasks, communication and collaboration features to streamline response coordination, and direct 24/7 access to the AWS Customer Incident Response Team (CIRT). Security Incident Response integrates with existing detection services, such as Amazon GuardDuty, and third-party tools through AWS Security Hub to rapidly review security alerts, escalate high-priority findings, and, with your permission, implement containment actions. It reduces the number of alerts your team needs to analyze, saving time and allowing your security personnel to focus on strategic initiatives. The service centralizes all incident-related communications, documentation, and actions, making coordinated incident response across internal and external stakeholders possible and reducing the time to coordinate from hours to minutes. You can preconfigure incident response team members, set up automatic notifications, manage case permissions, and use communication tools like video conferencing and in-console messaging during security events. By accessing the service through a single, centralized dashboard in the AWS Management Console, you can monitor active cases, review resolved security incident cases, and track key metrics, such as the number of triaged events and mean time to resolution, in real time. If you require specialized expertise, you can connect 24/7 to the AWS CIRT in only one step. For more information about AWS Regions where Security Incident Response is available, refer to the following service documentation. To get started, visit the Security Incident Response console, and explore the overview page to learn more. For configuration details, refer to the Security Incident Response User Guide.

みなさんこんにちは杉金ですAWSSecurityHubの検出結果を強化するアップデートが発表されました今回アップデートした部分を抜粋しますThisenrichmentaddsresourceta