AWS Security Hub achieves FedRAMP Moderate authorization
Share
Services
[AWS Security Hub](https://aws.amazon.com/security-hub/?aws-security-hub-blogs.sort-by=item.additionalFields.createdDate&aws-security-hub-blogs.sort-order=desc) is now authorized as [FedRAMP Moderate](/compliance/services-in-scope/) in the following AWS Regions: US East (N. Virginia), US East (Ohio), US West (N. California), and US West (Oregon). The Federal Risk and Authorization Management Program (FedRAMP) is a US government-wide program that delivers a standard approach to the security assessment, authorization, and continuous monitoring for cloud products and services. FedRAMP uses the National Institute of Standards and Technology (NIST) Special Publication 800 series and requires cloud service providers to receive an independent security assessment conducted by a third-party assessment organization (3PAO) to ensure that authorizations are compliant with the Federal Information Security Management Act (FISMA). We are also now approved as Department of Defense Cloud Computing Security Requirements Guide Impact Level 2 ([DoD SRG IL-2](https://aws.amazon.com/compliance/dod/)) in those regions.
AWS Security Hub is [available globally](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-regions.html) and gives you a comprehensive view of your security posture across your AWS accounts. With Security Hub, you now have a single place that aggregates, organizes, and prioritizes your security alerts, or findings, from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, Amazon Macie, AWS Firewall Manager, and AWS IAM Access Analyzer, as well as from over 50 AWS Partner solutions. You can also continuously monitor your environment using automated security checks based on standards, such as AWS Foundational Security Best Practices, the CIS AWS Foundations Benchmark, and the Payment Card Industry Data Security Standard. You can also take action on these findings by investigating findings in Amazon Detective, by using Amazon CloudWatch Event rules to send the findings to ticketing, chat, Security Information and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), and incident management tools, or by using your custom remediation playbooks.
You can enable your 30-day free trial of AWS Security Hub with a single-click in the AWS Management console. Please see the [AWS Regions page](/about-aws/global-infrastructure/regional-product-services/) for all the regions where AWS Security Hub is available. To learn more about AWS Security Hub capabilities, see the AWS Security Hub [documentation](https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html), and to start your 30-day free trial see the AWS Security Hub [free trial page](https://aws.amazon.com/security-hub/pricing/).
What else is happening at Amazon Web Services?
Read update
Services
Share
Read update
Services
Share
Amazon Managed Service for Prometheus now supports configuring a minimum firing period for alerts
October 16th, 2024
Services
Share