Viewing details of a control
Selecting an AWS Security Hub control on the Controls page or standard details page of the Security Hub console takes you to a page of control details.
The top of the control details page tells you the control status. The control status summarizes the performance of a control based on the compliance status of the control findings. Security Hub typically generates the initial control status within 30 minutes after your first visit to the Summary page or Security standards page on the Security Hub console. Statuses are only available for controls that are enabled when you visit those pages.
The control details page also provides a breakdown of the compliance status of the control findings in the last 24 hours. For more information about control status and compliance status, see Evaluating compliance status and control status in Security Hub.
AWS Config resource recording must be configured for the control status to appear. After control statuses are generated for the first time, Security Hub updates the control status every 24 hours based on the findings from the previous 24 hours.
Administrator accounts see an aggregated control status across the administrator account and member accounts. If you have set an aggregation Region, the control status includes findings across all linked Regions. For more information about control status, see Evaluating compliance status and control status in Security Hub.
You can also enable or disable the control from the control details page.
Note
It can take up to 24 hours after enabling a control for first-time control statuses to be generated in the China Regions and AWS GovCloud (US) Region.
The Standards and Requirements tab lists the standards that a control can be enabled for and the requirements related to the control from different compliance frameworks.
The Checks tab lists the active findings for the control in the last 24 hours. Control findings are generated when Security Hub runs security checks against the control. The control finding list doesn't include archived findings.
For each finding, the list provides access to finding details such as the compliance status and related resource. You can also set the workflow status of each finding and send findings to custom actions. For more information, see Viewing and managing control findings.
Viewing details for a control
Choose your preferred access method, and follow these steps to view details for a control. Details apply to the current account and Region and include the following:
-
Title and description of the control
-
Link to remediation instructions for failed control findings
-
Severity of the control
-
Enablement status of the control
-
(On the console) A list of recent findings for the control. When using the Security Hub API or AWS CLI, use
GetFindings
to retrieve control findings.