AWS Security Hub
Version: AWS and NetsurionAWSIntegrator v2.0.2 or above.
Netsurion Open XDR manages logs retrieved from AWS Security Hub. The alerts, reports, dashboards, and saved searches in Netsurion Open XDR are enhanced by capturing important and critical activities in AWS Security Hub.
The following are the key assets included with this Data Source Integration.
Alerts
| Type | Name | Description |
|---|---|---|
| Security | AWS Security Hub – Critical findings | Generated whenever critical and high severity findings are captured by AWS Security Hub. |
| Security | AWS Security Hub – Configuration manipulation detected | Generated whenever sensitive configuration(s) related to AWS Security Hub are changed. |
Reports
| Type | Name | Description |
|---|---|---|
| Security | AWS Security Hub – All findings | Provides information about all security findings generated by AWS Security Hub. |
| Compliance | AWS Security Hub – Activity overview | Provides details about all console level activities related to AWS Security Hub. |
Dashboards
| Type | Name | Description |
|---|---|---|
| Security | AWS Security Hub – Critical severity findings | Displays all critical findings based on its name. |
| Security | AWS Security Hub – High severity findings | Displays all high severity findings based on its name. |
| Security | AWS Security Hub – Medium severity findings | Displays all medium severity findings based on its name. |
| Security | AWS Security Hub – Configuration modification detected | Displays information about configuration modifications based on actions. |
| Security | AWS Security Hub – Resources configured | Displays the integration of a partner products or AWS services. |
Saved Searches
| Type | Name | Description |
|---|---|---|
| Security | AWS Security Hub – All findings | Provides information about all security findings generated by AWS Security Hub. |
| Compliance | AWS Security Hub – Activity overview | Provides details about all console level activities related to AWS Security Hub. |
Documentation
The configuration details are consistent with Netsurion Open XDR 9.3 and later, and AWS Security Hub.
Download the Integration Guide for configuration instructions and more information.