Viewing details for a control - AWS Security Hub

Viewing details for a control

For each control, you can display a page of useful details.

To display details for a control

  1. Open the AWS Security Hub console at

  2. Display the controls for an enabled standard.

  3. From the controls list, choose the control name.

The top of the details page provides an overview of the control and its current status. The overall control status is calculated every 24 hours. Administrator accounts see an aggregated status across the administrator account and the member accounts.

For controls in the Payment Card Industry Data Security Standard (PCI DSS) and the CIS AWS Foundations standard, the Related requirements tab lists the related requirements from within the framework.

From the details page, you can disable or enable the control. See Disabling and enabling individual controls.

The bottom of the details page contains information about the active findings for the control. Control findings are generated by security checks against the control. The control finding list does not include archived findings.

The finding list uses tabs that display different subsets of the list. On most of the tabs, the finding list shows findings that have a workflow status of NEW, NOTIFIED, or RESOLVED. A separate tab displays SUPPRESSED findings.

For each finding, the list provides access to details about the finding and the associated resource. You can also set the workflow status of each finding and send findings to custom actions.

See Viewing and taking action on control findings.