Security standards and controls in AWS Security Hub

AWS Security Hub consumes, aggregates, and analyzes security findings from various supported AWS and third-party products.

Security Hub also generates its own findings by running automated and continuous checks against the rules in a set of supported security standards. These rules determine whether controls within a standard are being adhered to. The checks provide a readiness score and identify specific accounts and resources that require attention.

Security Hub provides controls for the following standards.

CIS AWS Foundations
Payment Card Industry Data Security Standard (PCI DSS)
AWS Foundational Security Best Practices

For information on Security Hub pricing for security checks, see Security Hub pricing.

Topics

How AWS Security Hub runs and uses security checks
Viewing and managing security standards
Viewing and managing controls
Available security standards in AWS Security Hub

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Using custom product integrations

Running security checks