AWS Security Hub is an AWS security service that provides a comprehensive view of your security state within AWS and your compliance with security industry standards and best practices.
The Sumo Logic App for AWS Security Hub leverages findings data from Security Hub and visually displays security state data in dashboards. The dashboards provide a high-level view of findings: their type, when they occurred, the resources that were affected, their severity, and their distribution. Together they show the current security and compliance status of an AWS account from all sources.
Sumo Logic provides a seamless bi-directional integration with AWS Security Hub with the following:
- AWS Security Hub forwarder - This solution forwards (sends) scheduled search results and alerts (as findings) to AWS Security Hub.
- AWS Security Hub collector - This solution collects findings from AWS Security Hub into Sumo Logic, where they are displayed in predefined visual dashboards.
The Sumo Logic integration with AWS Security Hub extends compliance checks to other key regulatory frameworks such as PCI, GDPR, HIPAA, and others.
For more information on AWS Security Hub, refer to the Amazon AWS Security Hub documentation.
The AWS Security Hub utilizes the following log types: