AWS Security Hub adds impact analysis for exposure findings
Share
Services
Today, AWS Security Hub adds impact analysis to exposure findings, helping security teams understand the full scope of what an attacker could reach if an exposure is exploited. Impact analysis extends exposure findings by mapping the downstream resources that could be compromised beyond the initially exposed resource, giving teams deeper visibility into organizational risk.
Security Hub analyzes the effective permissions of IAM principals associated with exposed resources to identify privilege escalation paths to other resources in your account. The resulting scope of impact is displayed in the potential attack path graph, and a new Impact Assessment tab shows the prioritized chains of resources an attacker could traverse along with the specific permissions at each step. Security Hub factors the scope of impact into its severity scoring for exposure findings, and adjusts existing exposures as their scope of impact is identified or changes, so that exposures with greater downstream reach are prioritized appropriately.
To learn more, see Understanding exposure findings in the [AWS Security Hub User Guide](https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub-v2.html) and the [AWS Security Hub product page](https://aws.amazon.com/security-hub/). For the full list of AWS Regions where Security Hub is available, see the [AWS Regional Services List](https://aws.amazon.com/about-aws/global-infrastructure/regional-product-services/).
What else is happening at Amazon Web Services?
Amazon Cognito now supports self-service provisioned API rate limits
about 22 hours ago
Services
Share
Amazon SageMaker Studio now integrates with Hugging Face for one-click model deployment and customization
about 23 hours ago
Services
Share
Read update
Services
Share