AWS Security Hub Setup
The SecureCloudDB and AWS Security Hub integration allows you to import real-time findings generated via security policy alerts in SecureCloudDB into Security Hub.
To do so, you need to create policies in your SecureCloudDB account related to Database Activity Monitoring and configurations. These policies are continuously checked against the information in your AWS databases. When alerts are triggered because of a policy violation, they are converted into findings and sent from your SecureCloudDB account into your Security Hub account.
To facilitate the integration, you need to create a Security Hub alert destination and associate it to the policies you are looking to report on. With our 5-step alert destination setup wizard and straightforward policy delivery setup, this process can be completed in less than 10 minutes.
Create Security Hub Alert Destination
Go to Alerts in the main menu, select
Destinationsin the sub menu, and hit the blue create
(+)button in the lower right corner of the table.
Complete the steps prompted by the setup wizard
Name and Type- enter the internal name for the alert destination; note, it cannot be changed later. Set the destination type to Security Hub.
Account Setup Options- select how many accounts you’re setting up - one or multiple.
- To set up one account: Fill in the account Id, pick a region where Security Hub is enabled, and select an AWS authentication method, which will allow us to publish the findings. You can use an existing AWS Authentication or create a new AWS Authentication (we have many options for these: an assumed role, an access key, or using an instance profile service).
- To set up multiple accounts: Upload AWS Account Configurations via a CSV file.
Fallback Connection- select a region where Security Hub is enabled and select an AWS authentication method (existing or new).
Summary- After completing steps 1 - 4, review the setup on the summary tab and click
Associate the Security Hub Destination to the Policies
Alertsin the main menu, select
Policiesin the sub menu, and hit the settings icon for the policy you wish to associate with Security Hub.
In the header of the
Deliverytable, select the pencil icon to edit the delivery destination. Select the created destination under the
Security Hub Destinationssection and hit