Available third-party partner product integrations - AWS Security Hub
3CORESec – 3CORESec NTA (Sends findings)Alert Logic – SIEMless Threat Management (Sends findings)Aqua Security – Aqua Cloud Native Security Platform (Sends findings)Aqua Security – Kube-bench (Sends findings)Armor – Armor Anywhere (Sends findings)Atlassian - Jira Service Management (Receives and updates findings)Atlassian – Opsgenie (Receives findings)AttackIQ – AttackIQ (Sends findings)Barracuda Networks – Cloud Security Guardian (Sends findings)BigID – BigID Enterprise (Sends findings)Blue Hexagon – Blue Hexagon forAWS (Sends findings)Capitis Solutions – C2VS (Sends findings)Caveonix – Caveonix Cloud (Sends and receives findings)Check Point – CloudGuard IaaS (Sends findings)Check Point – CloudGuard Posture Management (Sends findings)Cloud Custodian – Cloud Custodian (Sends and receives findings)Cloud Storage Security – Antivirus for Amazon S3 (Sends findings)cloudtamer.io – cloudtamer.io (Sends and receives findings)CrowdStrike – CrowdStrike Falcon (Sends findings)CyberArk – Privileged Threat Analytics (Sends findings)Data Theorem (Sends findings)DisruptOps, Inc. – DisruptOPS (Sends and receives findings)FireEye – FireEye Helix (Receives findings)Forcepoint – Forcepoint CASB (Sends findings)Forcepoint – Forcepoint Cloud Security Gateway (Sends findings)Forcepoint – Forcepoint DLP (Sends findings)Forcepoint – Forcepoint NGFW (Sends findings)Fugue – Fugue (Sends findings)Guardicore – Centra 4.0 (Sends findings)Guardicore – Infection Monkey (Sends findings)HackerOne – Vulnerability Intelligence (Sends findings)Helecloud – Managed Security (Receives findings)IBM – QRadar (Receives findings)Juniper Networks – vSRX Next Generation Firewall (Sends findings)k9 Security – Access Analyzer (Sends findings)Lacework (Sends findings)Logz.io Cloud SIEM (Receives findings)McAfee – MVISION Cloud Native Application Protection Platform (CNAPP) (Sends findings)MicroFocus – MicroFocus Arcsight (Receives findings)NETSCOUT – NETSCOUT Cyber Investigator (Sends findings)PagerDuty – PagerDuty (Receives findings)Palo Alto Networks – Cortex XSOAR (Receives findings)Palo Alto Networks – Prisma Cloud Compute (Sends findings)Palo Alto Networks – Prisma Cloud Enterprise (Sends findings)Palo Alto Networks – VM-Series (Receives findings)Prowler (Sends findings)Qualys – Vulnerability Management (Sends findings)Rackspace Technology – Cloud Native Security (Receives findings)Rapid7 – InsightConnect (Receives findings)Rapid7 – InsightVM (Sends findings)RSA – RSA Archer (Receives findings)SecureCloudDB – SecureCloudDB (Sends findings)SentinelOne (Sends findings)ServiceNow – ITSM (Receives and updates findings)Slack – Slack (Receives findings)Sonrai Security – Sonrai Dig (Sends findings)Sophos – Server Protection (Sends findings)Splunk – Splunk Enterprise (Receives findings)Splunk – Splunk Phantom (Receives findings)StackRox – StackRox Kubernetes Security (Sends findings)Sumo Logic – Machine Data Analytics (Sends findings)Symantec – Cloud Workload Protection (Sends findings)Sysdig – Sysdig Secure for cloud (Sends findings)Tenable – Tenable.io (Sends findings)ThreatModeler (Receives findings)Turbot – Turbot (Sends and receives findings)Vectra AI – Cognito Detect (Sends findings)

Available third-party partner product integrations

AWS Security Hub is integrated with the following third-party products. For each provider, the list indicates how the integration interacts with findings. An integration can perform the following actions:

  • Send findings that it generates to Security Hub.

  • Receive findings from Security Hub.

  • Update findings in Security Hub. Integrations that receive findings from Security Hub might also update those findings.

Integrations that send findings to Security Hub have an ARN.

Note

Some integrations are not available in all Regions.

If an integration is not supported, it is not listed on the console Integrations page

See also Integrations that are supported in China (Beijing) and China (Ningxia) and Integrations that are supported in AWS GovCloud (US-East) and AWS GovCloud (US-West).

If you have a security solution and are interested in becoming a Security Hub partner, send an email to . In the message, provide your company name, product name, AWS Partner Network (APN) tier level, and contact information.

To become a Security Hub partner, you must meet one of the following criteria:

To get started, read through the AWS Security Hub Partner Integration Guide. After you review the onboarding information, you can begin to work on your product manifest.

3CORESec – 3CORESec NTA (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>::product/3coresec/3coresec

3CORESec provides managed detection services for both on-premises and AWS systems. Their integration with Security Hub allows visibility into threats such as malware, privilege escalation, lateral movement, and improper network segmentation.

Product link

Partner documentation

Alert Logic – SIEMless Threat Management (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>:733251395267:product/alertlogic/althreatmanagement

Get the right level of coverage: vulnerability and asset visibility, threat detection and incident management, AWS WAF, and assigned SOC analyst options.

Product link

Partner documentation

Aqua Security – Aqua Cloud Native Security Platform (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>::product/aquasecurity/aquasecurity

Aqua Cloud Native Security Platform (CSP) provides full lifecycle security for container-based and serverless applications, from your CI/CD pipeline to runtime production environments.

Product link

Partner documentation

Aqua Security – Kube-bench (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>::product/aqua-security/kube-bench

Kube-bench is an open-source tool that runs the Center for Internet Security (CIS) Kubernetes Benchmark against your environment.

Product link

Partner documentation

Armor – Armor Anywhere (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>:679703615338:product/armordefense/armoranywhere

Armor Anywhere delivers managed security and compliance for AWS.

Product link

Partner documentation

Atlassian - Jira Service Management (Receives and updates findings)

Integration type: Receive and update

The AWS Service Management Connector for Jira sends findings from Security Hub to Jira. Jira issues are created based on the findings. When the Jira issues are updated, the corresponding findings are updated in Security Hub.

The integration only supports Jira Server and Jira Data Center.

For an overview of the integration and how it works, watch the video AWS Security Hub – Bidirectional integration with Atlassian Jira Service Management.

Product link

Partner documentation

Atlassian – Opsgenie (Receives findings)

Integration type: Receive

Opsgenie is a modern incident management solution for operating always-on services, empowering development and operations teams to plan for service disruptions and stay in control during incidents.

Integrating with Security Hub ensures that mission critical security-related incidents are routed to the appropriate teams for immediate resolution.

Product link

Partner documentation

AttackIQ – AttackIQ (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>::product/attackiq/attackiq-platform

AttackIQ Platform emulates real adversarial behavior aligned with the MITRE ATT&CK Framework to help validate and improve your overall security posture.

Product link

Partner documentation

Barracuda Networks – Cloud Security Guardian (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>:151784055945:product/barracuda/cloudsecurityguardian

Barracuda Cloud Security Sentry helps organizations stay secure while building applications in, and moving workloads to, the public cloud.

Product link

Partner documentation

BigID – BigID Enterprise (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>::product/bigid/bigid-enterprise

The BigID Enterprise Privacy Management Platform helps companies manage and protect sensitive data (PII) across all their systems.

Product link

Partner documentation

Blue Hexagon – Blue Hexagon forAWS (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>::product/blue-hexagon/blue-hexagon-for-aws

Blue Hexagon is a real time threat detection platform. It uses deep learning principles to detect known and unknown threats, including malware and network anomalies.

Product link

Partner documentation

Capitis Solutions – C2VS (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>::product/capitis/c2vs

C2VS is a customizable compliance solution designed to automatically identify your application-specific misconfigurations and their root cause.

Product link

Partner documentation

Caveonix – Caveonix Cloud (Sends and receives findings)

Integration type: Send and receive

Product ARN: arn:aws:securityhub:<REGION>::product/caveonix/caveonix-cloud

Caveonix Cloud is a SaaS risk mitigation platform that delivers automated compliance and hybrid-cloud security posture management for comprehensive workload protection.

Product link

Partner documentation

Check Point – CloudGuard IaaS (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>:758245563457:product/checkpoint/cloudguard-iaas

Check Point CloudGuard easily extends comprehensive threat prevention security to AWS while protecting assets in the cloud.

Product link

Partner documentation

Check Point – CloudGuard Posture Management (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>:634729597623:product/checkpoint/dome9-arc

A SaaS platform that delivers verifiable cloud network security, advanced IAM protection, and comprehensive compliance and governance.

Product link

Partner documentation

Cloud Custodian – Cloud Custodian (Sends and receives findings)

Integration type: Send and receive

Product ARN: arn:aws:securityhub:<REGION>::product/cloud-custodian/cloud-custodian

Cloud Custodian enables users to be well managed in the cloud. The simple YAML DSL allows easily defined rules to enable a well-managed cloud infrastructure that's both secure and cost optimized.

Product link

Partner documentation

Cloud Storage Security – Antivirus for Amazon S3 (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>::product/cloud-storage-security/antivirus-for-amazon-s3

Cloud Storage Security provides cloud native anti-malware and antivirus scanning for Amazon S3 objects.

Antivirus for Amazon S3 offers real time and scheduled scans of objects and files in Amazon S3 for malware and threats. It provides visibility and remediation for problem and infected files.

Product link

Partner documentation

cloudtamer.io – cloudtamer.io (Sends and receives findings)

Integration type: Send and receive

Product ARN: arn:aws:securityhub:<REGION>::product/cloudtamerio/cloudtamerio

cloudtamer.io is a complete cloud governance solution for AWS. cloudtamer.io gives stakeholders visibility into cloud operations and helps cloud users manage accounts, control budget and cost, and ensure continuous compliance.

Product link

Partner documentation

CrowdStrike – CrowdStrike Falcon (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>:517716713836:product/crowdstrike/crowdstrike-falcon

The CrowdStrike Falcon single, lightweight sensor unifies next-generation antivirus, endpoint detection and response, and 24/7 managed hunting through the cloud.

Product link

Partner documentation

CyberArk – Privileged Threat Analytics (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>:749430749651:product/cyberark/cyberark-pta

Privileged Threat Analytics collect, detect, alert, and respond to high-risk activity and behavior of privileged accounts to contain in-progress attacks.

Product link

Partner documentation

Data Theorem (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>::product/data-theorem/api-cloud-web-secure

Data Theorem continuously scans web applications, APIs, and cloud resources in search of security flaws and data privacy gaps to prevent AppSec data breaches.

Product link

Partner documentation

DisruptOps, Inc. – DisruptOPS (Sends and receives findings)

Integration type: Send and receive

Product ARN: arn:aws:securityhub:<REGION>::product/disruptops-inc/disruptops

The DisruptOps Security Operations Platform helps organizations maintain best security practices in your cloud through the use of automated guardrails.

Product link

Partner documentation

FireEye – FireEye Helix (Receives findings)

Integration type: Receive

FireEye Helix is a cloud-hosted security operations platform that allows organizations to take control of any incident from alert to fix.

Product link

Partner documentation

Forcepoint – Forcepoint CASB (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>:365761988620:product/forcepoint/forcepoint-casb

Forcepoint CASB allows you to discover cloud application use, analyze risk, and enforce appropriate controls for SaaS and custom applications.

Product link

Partner documentation

Forcepoint – Forcepoint Cloud Security Gateway (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>::product/forcepoint/forcepoint-cloud-security-gateway

Forcepoint Cloud Security Gateway is a converged cloud security service that provides visibility, control, and threat protection for users and data, wherever they are.

Product link

Partner documentation

Forcepoint – Forcepoint DLP (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>:365761988620:product/forcepoint/forcepoint-dlp

Forcepoint DLP addresses human-centric risk with visibility and control everywhere your people work and everywhere your data resides.

Product link

Partner documentation

Forcepoint – Forcepoint NGFW (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>:365761988620:product/forcepoint/forcepoint-ngfw

Forcepoint NGFW lets you connect your AWS environment into your enterprise network with the scalability, protection, and insights needed to manage your network and respond to threats.

Product link

Partner documentation

Fugue – Fugue (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>::product/fugue/fugue

Fugue is an agent-less, scalable cloud-native platform that automates the continuous validation of infrastructure-as-code and cloud runtime environments using the same policies.

Product link

Partner documentation

Guardicore – Centra 4.0 (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>:324264561773:product/guardicore/guardicore

Guardicore Centra provides flow visualization, micro-segmentation, and breach detection for workloads in modern data centers and clouds.

Product link

Partner documentation

Guardicore – Infection Monkey (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>:324264561773:product/guardicore/aws-infection-monkey

Infection Monkey is an attack simulation tool designed to test networks against attackers.

Product link

Partner documentation

HackerOne – Vulnerability Intelligence (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>::product/hackerone/vulnerability-intelligence

The HackerOne platform partners with the global hacker community to uncover the most relevant security issues. Vulnerability Intelligence enables your organization to go beyond automated scanning. It shares vulnerabilities that HackerOne ethical hackers have validated and provided steps to reproduce.

Product link

Partner documentation

Helecloud – Managed Security (Receives findings)

Integration type: Receive

HeleCloud is a Managed Services Provider, taking care of your AWS infrastructure so that you can focus on your core business.

Product link

IBM – QRadar (Receives findings)

Integration type: Receive

Product ARN: arn:aws:securityhub:<REGION>:949680696695:product/ibm/qradar-siem

IBM QRadar SIEM provides security teams with the ability to quickly and accurately detect, prioritize, investigate, and respond to threats.

Product link

Partner documentation

Juniper Networks – vSRX Next Generation Firewall (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>::product/juniper-networks/vsrx-next-generation-firewall

Juniper Networks' vSRX Virtual Next Generation Firewall delivers a complete cloud-based virtual firewall with advanced security, secure SD-WAN, robust networking, and built-in automation.

AWS Marketplace link

Partner documentation

Product link

k9 Security – Access Analyzer (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>::product/k9-security/access-analyzer

k9 Security notifies you when important access changes occur in your AWS Identity and Access Management account. With k9 Security, you can understand the access that each IAM user and role has to critical AWS services and your data.

k9 Security is built for continuous delivery, allowing you to operationalize IAM with actionable access audits and simple policy automation for AWS CDK and Terraform.

Product link

Partner documentation

Lacework (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>::product/lacework/lacework

Lacework is the data-driven security platform for the cloud. The Lacework Cloud Security Platform automates cloud security at scale so you can innovate with speed and safety.

Product link

Partner documentation

Logz.io Cloud SIEM (Receives findings)

Integration type: Receive

Logz.io is a provider of Cloud SIEM that provides advanced correlation of log and event data to help security teams to detect, analyze, and respond to security threats in real time.

Product link

Partner documentation

McAfee – MVISION Cloud Native Application Protection Platform (CNAPP) (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>:297986523463:product/mcafee-skyhigh/mcafee-mvision-cloud-aws

McAfee MVISION Cloud Native Application Protection Platform (CNAPP) offers Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platform (CWPP) for your AWS environment.

Product link

Partner documentation

MicroFocus – MicroFocus Arcsight (Receives findings)

Integration type: Receive

ArcSight accelerates effective threat detection and response in real time, integrating event correlation and supervised and unsupervised analytics with response automation and orchestration.

Product link

Partner documentation

NETSCOUT – NETSCOUT Cyber Investigator (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:us-east-1::product/netscout/netscout-cyber-investigator

NETSCOUT Cyber Investigator is an enterprise-wide network threat, risk investigation, and forensic analysis platform that helps to reduce the impact of cyber threats on businesses.

Product link

Partner documentation

PagerDuty – PagerDuty (Receives findings)

Integration type: Receive

The PagerDuty digital operations management platform empowers teams to proactively mitigate customer-impacting issues by automatically turning any signal into the right insight and action.

AWS users can use the PagerDuty set of AWS integrations to scale their AWS and hybrid environments with confidence.

When coupled with Security Hub aggregated and organized security alerts, PagerDuty allows teams to automate their threat response process and quickly set up custom actions to prevent potential issues.

PagerDuty users who are undertaking a cloud migration project can move quickly, while decreasing the impact of issues that occur throughout the migration lifecycle.

Product link

Partner documentation

Palo Alto Networks – Cortex XSOAR (Receives findings)

Integration type: Receive

Cortex XSOAR is a Security Orchestration, Automation, and Response (SOAR) platform that integrates with your entire security product stack to accelerate incident response and security operations.

Product link

Partner documentation

Palo Alto Networks – Prisma Cloud Compute (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>:496947949261:product/twistlock/twistlock-enterprise

Prisma Cloud Compute is a cloud native cybersecurity platform that protects VMs, containers, and serverless platforms.

Product link

Partner documentation

Palo Alto Networks – Prisma Cloud Enterprise (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>:188619942792:product/paloaltonetworks/redlock

Protects your AWS deployment with cloud security analytics, advanced threat detection, and compliance monitoring.

Product link

Partner documentation

Palo Alto Networks – VM-Series (Receives findings)

Integration type: Receive

Palo Alto VM-Series integration with Security Hub collects threat intelligence and sends it to the VM-Series next-generation firewall as an automatic security policy update that blocks malicious IP address activity.

Product link

Partner documentation

Prowler (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>::product/prowler/prowler

Prowler is an open source security tool to perform AWS checks related to security best practices, hardening, and continuous monitoring.

Product link

Partner documentation

Qualys – Vulnerability Management (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>:805950163170:product/qualys/qualys-vm

Qualys Vulnerability Management (VM) continuously scans and identifies vulnerabilities, protecting your assets.

Product link

Partner documentation

Rackspace Technology – Cloud Native Security (Receives findings)

Integration type: Receive

Rackspace Technology provides managed security services on top of native AWS security products for 24x7x365 monitoring by Rackspace SOC, advanced analysis, and threat remediation.

Product link

Rapid7 – InsightConnect (Receives findings)

Integration type: Receive

Rapid7 InsightConnect is a security orchestration and automation solution that enables your team to optimize SOC operations with little to no code.

Product link

Partner documentation

Rapid7 – InsightVM (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>:336818582268:product/rapid7/insightvm

Rapid7 InsightVM provides vulnerability management for modern environments, allowing you to efficiently find, prioritize, and remediate vulnerabilities.

Product link

Partner documentation

RSA – RSA Archer (Receives findings)

Integration type: Receive

RSA Archer IT and Security Risk Management allows you to determine which assets are critical to your business, establish and communicate security policies and standards, detect and respond to attacks, identify and remediate security deficiencies, and establish clear IT risk management best practices.

Product link

Partner documentation

SecureCloudDB – SecureCloudDB (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>::product/secureclouddb/secureclouddb

SecureCloudDB is a cloud native database security tool that provides comprehensive visibility of internal and external security postures and activity. It flags security violations and provides remediation on exploitable database vulnerabilities.

Product link

Partner documentation

SentinelOne (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>::product/sentinelone/endpoint-protection

SentinelOne is an autonomous extended detection and response (XDR) platform encompassing AI-powered prevention, detection, response, and hunting across endpoints, containers, cloud workloads, and IoT devices.

AWS Marketplace link

Partner documentation

Product link

ServiceNow – ITSM (Receives and updates findings)

Integration type: Receive and update

The ServiceNow integration with Security Hub allows security findings from Security Hub to be viewed within ServiceNow ITSM. You can also configure ServiceNow to automatically create an incident or problem when it receives a finding from Security Hub.

Any updates to these incidents and problems result in updates to the findings in Security Hub.

For an overview of the integration and how it works, watch the video AWS Security Hub - Bidirectional integration with ServiceNow ITSM.

Product link

Partner documentation

Slack – Slack (Receives findings)

Integration type: Receive

Slack is a layer of the business technology stack that brings together people, data, and applications. It is a single place where people can effectively work together, find important information, and access hundreds of thousands of critical applications and services to do their best work.

Product link

Partner documentation

Sonrai Security – Sonrai Dig (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>::product/sonrai-security/sonrai-dig

Sonrai Dig monitors and remediates cloud misconfigurations and policy violations, so you can improve your security and compliance posture.

Product link

Partner documentation

Sophos – Server Protection (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>:062897671886:product/sophos/sophos-server-protection

Sophos Server Protection defends the critical applications and data at the core of your organization, using comprehensive defense-in-depth techniques.

Product link

Partner documentation

Splunk – Splunk Enterprise (Receives findings)

Integration type: Receive

Product ARN: arn:aws:securityhub:<REGION>:112543817624:product/splunk/splunk-enterprise

Splunk uses Amazon CloudWatch Events as a consumer of Security Hub findings. Send your data to Splunk for advanced security analytics and SIEM.

Product link

Partner documentation

Splunk – Splunk Phantom (Receives findings)

Integration type: Receive

With the Splunk Phantom application for AWS Security Hub, findings are sent to Phantom for automated context enrichment with additional threat intelligence information or to perform automated response actions.

Product link

Partner documentation

StackRox – StackRox Kubernetes Security (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>::product/stackrox/kubernetes-security

StackRox helps enterprises secure their container and Kubernetes deployments at scale by enforcing their compliance and security policies across the entire container life cycle – build, deploy, and run.

Product link

Partner documentation

Sumo Logic – Machine Data Analytics (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>:956882708938:product/sumologicinc/sumologic-mda

Sumo Logic is a secure, machine data analytics platform that enables development and security operations teams to build, run, and secure their AWS applications.

Product link

Partner documentation

Symantec – Cloud Workload Protection (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>:754237914691:product/symantec-corp/symantec-cwp

Cloud Workload Protection provides complete protection for your Amazon EC2 instances with antimalware, intrusion prevention, and file integrity monitoring.

Product link

Partner documentation

Sysdig – Sysdig Secure for cloud (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>::product/sysdig/sysdig-secure-for-cloud

Sysdig Secure for cloud supports asset discovery, risk management, Cloud Security Posture Management (CSPM), compliance, automatic vulnerability scanning for Amazon Elastic Container Registry (ECR) and Fargate, and threat detection based on CloudTrail. You can deploy all of these as a single security platform.

Product link

Partner documentation

Tenable – Tenable.io (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>:422820575223:product/tenable/tenable-io

Accurately identify, investigate, and prioritize vulnerabilities. Managed in the cloud.

Product link

Partner documentation

ThreatModeler (Receives findings)

Integration type: Receive

ThreatModeler is an automated threat modeling solution that secures and scales the enterprise software and cloud development life cycle.

Product link

Partner documentation

Turbot – Turbot (Sends and receives findings)

Integration type: Send and receive

Product ARN: arn:aws:securityhub:<REGION>:453761072151:product/turbot/turbot

Turbot ensures that your cloud infrastructure is secure, compliant, scalable, and cost optimized.

Product link

Partner documentation

Vectra AI – Cognito Detect (Sends findings)

Integration type: Send

Product ARN: arn:aws:securityhub:<REGION>::product/vectra-ai/cognito-detect

Vectra is transforming cybersecurity by applying advanced AI to detect and respond to hidden cyberattackers before they can steal or cause damage.

AWS Marketplace link

Partner documentation