5: Sec Info & Event Mgmt
Automatable Security Services?
- GuardDuty
- Macie
- Inspector
- Security Hub
- Trusted Advisor
- Config
GuardDuty
- Threat detection for accounts / workloads
- Findings can be sent to S3 with Lambda
Macie
- S3-focused
- Discover and protect sensitive data
Inspector
- Security / compliance of apps
- Also EC2 instances
- Findings can be piped to SNS
Security Hub
- What’s a “hub”? Consolidates other services.
- Receives from the 3 services above
- Security best practice checks
- Can delegate to Systems Manager for automated remediation
Pro Tip
- Aggregate security findings into a single S3 bucket