Available security standards in AWS Security Hub

Security standards provide a set of related controls to determine compliance with regulatory frameworks, industry best practices, or company policies.

The information for each standard includes the list of controls in the standard. Each control includes the following information:

The security category that the control belongs to
The resource that the control applies to
If applicable, the AWS Config rule that is used for the control
Any parameters used by the control
A description of the control and what it checks
For standards that are associated with a regulatory framework, the applicable requirements in that framework
Information on how to remediate a failed check. For example, you might need to change the configuration of a resource.

AWS Security Hub supports the security standards listed below. If you are using the integration with AWS Organizations, the CIS and Foundational Security Best Practices standards are auto-enabled in new member accounts by default. For more information about auto-enabled standards, see Auto-enabled standards for new organization accounts.

Topics

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Taking action on control findings

CIS AWS Foundations Benchmark