With over 200 services, AWS opens doors for innovation. But without proper configuration, there can be security vulnerabilities. So, it's crucial to secure and govern your public cloud environment. The AWS Security Hub and SHARR enable central access for security checks, alerts, and automated remediations for the entire AWS environment. Check out how to establish fundamental security management, even without a dedicated security team or a huge budget.
The AWS Security Hub is automatically enabled if you have an AWS Organization. New accounts added to your organization will appear automatically in the dashboard.
Because most of the security checks in the various playbooks are implemented as AWS Config rules, it's good practice to enable AWS Config for your AWS Organization.
Once AWS Config is activated, it makes sense to delegate the Security Hub administration permissions to a dedicated security account according to AWS best practices. Your security account gives you an overview of the entire organization via the Security Hub dashboard.
If you do not have an AWS Organization, it's possible to activate the Security Hub manually.
At first glance, you will see the security score on the dashboard. It's expressed as a percentage from 0 to 100 and reflects the ratio of passed controls to activated controls.
All controls are treated equally for the security score; criticality is not a factor in calculating it. Further down in the dashboard, however, you can see the criticality of the findings, sorted by region. The dashboard also offers insights such as "Accounts with the most findings (by resource type)". It's also possible to switch to other service integrations like GuardDuty, AWS Inspector, AWS Macie, and many others.
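The score calculation described above, as an added example that is not from the original article or from AWS: it rolls constructed findings up into controls, computes the passed-to-activated ratio, and shows that relabelling a critical failure as low leaves the score unchanged. The field names follow the AWS Security Finding Format; the control IDs, the sample data, the `finding` helper and the rule that a control passes only when all of its findings pass are assumptions made for illustration.

```python
from collections import Counter, defaultdict

def finding(control, region, severity, status):
    """Build one constructed finding using ASFF-style field names."""
    return {"Region": region, "Severity": {"Label": severity},
            "Compliance": {"Status": status, "SecurityControlId": control}}

# Constructed sample data: five activated controls, one with a critical failure.
FINDINGS = [
    finding("EXAMPLE.1", "eu-central-1", "CRITICAL", "FAILED"),
    finding("EXAMPLE.1", "us-east-1", "CRITICAL", "PASSED"),
    finding("EXAMPLE.2", "eu-central-1", "LOW", "PASSED"),
    finding("EXAMPLE.3", "eu-central-1", "LOW", "PASSED"),
    finding("EXAMPLE.4", "us-east-1", "MEDIUM", "PASSED"),
    finding("EXAMPLE.5", "us-east-1", "LOW", "PASSED"),
]

def control_status(findings):
    """Map control ID -> True if every finding for it passed (assumed roll-up rule)."""
    by_control = defaultdict(list)
    for f in findings:
        by_control[f["Compliance"]["SecurityControlId"]].append(f)
    return {cid: all(f["Compliance"]["Status"] == "PASSED" for f in fs)
            for cid, fs in by_control.items()}

def security_score(findings):
    """Percentage of passed controls among activated controls; severity is ignored."""
    status = control_status(findings)
    if not status:
        return None  # no activated controls with data, so no score
    return round(100 * sum(status.values()) / len(status))

def failed_by_region_and_severity(findings):
    """Count failed findings per (region, severity), the view the score hides."""
    counts = Counter()
    for f in findings:
        if f["Compliance"]["Status"] == "FAILED":
            counts[(f["Region"], f["Severity"]["Label"])] += 1
    return dict(counts)

if __name__ == "__main__":
    print("score:", security_score(FINDINGS))
    print("failed:", failed_by_region_and_severity(FINDINGS))
    relabelled = [finding(f["Compliance"]["SecurityControlId"], f["Region"], "LOW",
                          f["Compliance"]["Status"]) for f in FINDINGS]
    print("score with severity relabelled:", security_score(relabelled))
```

A score of 80 here still contains a failed critical control, which is why the severity breakdown needs to be reviewed alongside the percentage.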