Security standards in AWS Security Hub

AWS Security Hub consumes, aggregates, and analyzes security findings from various supported AWS and third-party products.

Security Hub also generates its own findings as the result of running automated and continuous checks against the rules in a set of supported security standards. These checks provide a readiness score and identify specific accounts and resources that require attention.

Security Hub provides controls for the following standards.

CIS AWS Foundations
Payment Card Industry Data Security Standard (PCI DSS)
AWS Foundational Security Best Practices

For information on Security Hub pricing for security checks, see Security Hub pricing.

Topics

AWS Config requirements for running security checks
Schedule for running security checks
Results of security checks
Disabling or enabling a security standard
Viewing details for controls
Enabling new controls automatically
Disabling and enabling individual controls
CIS AWS Foundations Benchmark standard
Payment Card Industry Data Security Standard (PCI DSS)
AWS Foundational Security Best Practices standard

Warning Javascript is disabled or is unavailable in your browser.

To use the AWS Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Using custom product integrations

AWS Config requirements for running security checks