Third-party product integrations with Security Hub
AWS Security Hub integrates with multiple third-party partner products. An integration may perform one or more of the following actions:
-
Send findings that it generates to Security Hub
-
Receive findings from Security Hub
-
Update findings in Security Hub
Integrations that send findings to Security Hub have an Amazon Resource Name (ARN).
Note
Integrations may not be available in all AWS Regions. If an integration isn't supported in the current Region, it doesn't appear on the Integrations page.
For a list of integrations that are available in the China Regions and AWS GovCloud (US), see Integrations that are supported in China (Beijing) and China (Ningxia) and Integrations that are supported in AWS GovCloud (US-East) and AWS GovCloud (US-West).
If you have a security solution and are interested in becoming a Security Hub partner, email <securityhub-partners@amazon.com>. For more information, see the AWS Security Hub
Partner Integration Guide.
Overview of third-party integrations with Security Hub
Here's an overview of the third party integrations that send findings to Security Hub or receive findings from Security Hub:
| Integration | Direction | ARN (if applicable) |
|---|---|---|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
McAfee – MVISION Cloud Native Application Protection Platform (CNAPP) |
Sends findings |
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Sends findings |
|
|
|
Receives and updates findings |
Not applicable |
|
|
Receives and updates findings |
Not applicable |
|
|
Receives findings |
Not applicable |
|
|
Receives findings |
Not applicable |
|
|
Receives findings |
Not applicable | |
|
Receives findings |
Not applicable |
|
|
Receives findings |
Not applicable |
|
|
Receives findings |
Not applicable |
|
|
Receives findings |
Not applicable |
|
|
Receives findings |
Not applicable |
|
|
Receives findings |
Not applicable |
|
|
Receives findings |
Not applicable |
|
|
Receives findings |
Not applicable |
|
|
Receives findings |
Not applicable |
|
|
Receives findings |
Not applicable |
|
|
Receives and updates findings |
Not applicable |
|
|
Receives findings |
Not applicable |
|
|
Receives findings |
Not applicable | |
|
Receives findings |
Not applicable |
|
|
Receives findings |
Not applicable |
|
|
Receives findings |
Not applicable |
|
|
Sends and receives findings |
|
|
|
Sends and receives findings |
|
|
|
Sends and receives findings |
|
|
|
Sends and receives findings |
|
|
|
Sends and receives findings |
|
Third-party integrations that send findings to Security Hub
The following third party partner product integrations send findings to Security Hub. Security Hub transforms the findings into the AWS Security Finding Format.
3CORESec – 3CORESec NTA
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/3coresec/3coresec
3CORESec provides managed detection services for both on-premises and AWS systems. Their integration with Security Hub allows visibility into threats such as malware, privilege escalation, lateral movement, and improper network segmentation.
Alert Logic – SIEMless Threat Management
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>:733251395267:product/alertlogic/althreatmanagement
Get the right level of coverage: vulnerability and asset visibility, threat detection and incident management, AWS WAF, and assigned SOC analyst options.
Aqua Security – Aqua Cloud Native Security Platform
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/aquasecurity/aquasecurity
Aqua Cloud Native Security Platform (CSP) provides full lifecycle security for container-based and serverless applications, from your CI/CD pipeline to runtime production environments.
Aqua Security – Kube-bench
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/aqua-security/kube-bench
Kube-bench is an open-source tool that runs the Center for Internet Security (CIS) Kubernetes Benchmark against your environment.
Armor – Armor Anywhere
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>:679703615338:product/armordefense/armoranywhere
Armor Anywhere delivers managed security and compliance for AWS.
AttackIQ – AttackIQ
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/attackiq/attackiq-platform
AttackIQ Platform emulates real adversarial behavior aligned with the MITRE ATT&CK Framework to help validate and improve your overall security posture.
Barracuda Networks – Cloud Security Guardian
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>:151784055945:product/barracuda/cloudsecurityguardian
Barracuda Cloud Security Sentry helps organizations stay secure while building applications in, and moving workloads to, the public cloud.
BigID – BigID Enterprise
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/bigid/bigid-enterprise
The BigID Enterprise Privacy Management Platform helps companies manage and protect sensitive data (PII) across all their systems.
Blue Hexagon – Blue Hexagon for AWS
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/blue-hexagon/blue-hexagon-for-aws
Blue Hexagon is a real time threat detection platform. It uses deep learning principles to detect known and unknown threats, including malware and network anomalies.
Check Point – CloudGuard IaaS
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>:758245563457:product/checkpoint/cloudguard-iaas
Check Point CloudGuard easily extends comprehensive threat prevention security to AWS while protecting assets in the cloud.
Check Point – CloudGuard Posture Management
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>:634729597623:product/checkpoint/dome9-arc
A SaaS platform that delivers verifiable cloud network security, advanced IAM protection, and comprehensive compliance and governance.
Claroty – xDome
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/claroty/xdome
Claroty xDome helps organizations secure their cyber-physical systems across the Extended Internet of Things (XIoT) within industrial (OT), healthcare (IoMT), and enterprise (IoT) environments.
Cloud Storage Security – Antivirus for Amazon S3
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/cloud-storage-security/antivirus-for-amazon-s3
Cloud Storage Security provides cloud native anti-malware and antivirus scanning for Amazon S3 objects.
Antivirus for Amazon S3 offers real time and scheduled scans of objects and files in Amazon S3 for malware and threats. It provides visibility and remediation for problem and infected files.
Contrast Security – Contrast Assess
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/contrast-security/security-assess
Contrast Security Contrast Assess is an IAST tool that offers real-time vulnerability detection in web apps, APIs, and microservices. Contrast Assess integrates with Security Hub to help provide centralized visibility and response for all your workloads.
CrowdStrike – CrowdStrike Falcon
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>:517716713836:product/crowdstrike/crowdstrike-falcon
The CrowdStrike Falcon single, lightweight sensor unifies next-generation antivirus, endpoint detection and response, and 24/7 managed hunting through the cloud.
CyberArk – Privileged Threat Analytics
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>:749430749651:product/cyberark/cyberark-pta
Privileged Threat Analytics collect, detect, alert, and respond to high-risk activity and behavior of privileged accounts to contain in-progress attacks.
Data Theorem – Data Theorem
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/data-theorem/api-cloud-web-secure
Data Theorem continuously scans web applications, APIs, and cloud resources in search of security flaws and data privacy gaps to prevent AppSec data breaches.
Drata
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/drata/drata-integration
Drata is a compliance automation platform that helps you achieve and maintain compliance with various frameworks, such as SOC2, ISO, and GDPR. The integration between Drata and Security Hub helps you centralize your security findings in one location.
Forcepoint – Forcepoint CASB
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>:365761988620:product/forcepoint/forcepoint-casb
Forcepoint CASB allows you to discover cloud application use, analyze risk, and enforce appropriate controls for SaaS and custom applications.
Forcepoint – Forcepoint Cloud Security Gateway
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/forcepoint/forcepoint-cloud-security-gateway
Forcepoint Cloud Security Gateway is a converged cloud security service that provides visibility, control, and threat protection for users and data, wherever they are.
Forcepoint – Forcepoint DLP
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>:365761988620:product/forcepoint/forcepoint-dlp
Forcepoint DLP addresses human-centric risk with visibility and control everywhere your people work and everywhere your data resides.
Forcepoint – Forcepoint NGFW
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>:365761988620:product/forcepoint/forcepoint-ngfw
Forcepoint NGFW lets you connect your AWS environment into your enterprise network with the scalability, protection, and insights needed to manage your network and respond to threats.
Fugue – Fugue
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/fugue/fugue
Fugue is an agent-less, scalable cloud-native platform that automates the continuous validation of infrastructure-as-code and cloud runtime environments using the same policies.
Guardicore – Centra 4.0
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/guardicore/guardicore
Guardicore Centra provides flow visualization, micro-segmentation, and breach detection for workloads in modern data centers and clouds.
HackerOne – Vulnerability Intelligence
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/hackerone/vulnerability-intelligence
The HackerOne platform partners with the global hacker community to uncover the most relevant security issues. Vulnerability Intelligence enables your organization to go beyond automated scanning. It shares vulnerabilities that HackerOne ethical hackers have validated and provided steps to reproduce.
JFrog – Xray
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/jfrog/jfrog-xray
JFrog Xray is a universal application security Software Composition Analysis (SCA) tool that continuously scans binaries for license compliance and security vulnerabilities so that you can run a secure software supply chain.
Juniper Networks – vSRX Next Generation Firewall
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/juniper-networks/vsrx-next-generation-firewall
Juniper Networks' vSRX Virtual Next Generation Firewall delivers a complete cloud-based virtual firewall with advanced security, secure SD-WAN, robust networking, and built-in automation.
k9 Security – Access Analyzer
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/k9-security/access-analyzer
k9 Security notifies you when important access changes occur in your AWS Identity and Access Management account. With k9 Security, you can understand the access that users and IAM roles have to critical AWS services and your data.
k9 Security is built for continuous delivery, allowing you to operationalize IAM with actionable access audits and simple policy automation for AWS CDK and Terraform.
Lacework – Lacework
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/lacework/lacework
Lacework is the data-driven security platform for the cloud. The Lacework Cloud Security Platform automates cloud security at scale so you can innovate with speed and safety.
McAfee – MVISION Cloud Native Application Protection Platform (CNAPP)
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/mcafee-skyhigh/mcafee-mvision-cloud-aws
McAfee MVISION Cloud Native Application Protection Platform (CNAPP) offers Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platform (CWPP) for your AWS environment.
NETSCOUT – NETSCOUT Cyber Investigator
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/netscout/netscout-cyber-investigator
NETSCOUT Cyber Investigator is an enterprise-wide network threat, risk investigation, and forensic analysis platform that helps to reduce the impact of cyber threats on businesses.
Palo Alto Networks – Prisma Cloud Compute
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>:496947949261:product/twistlock/twistlock-enterprise
Prisma Cloud Compute is a cloud native cybersecurity platform that protects VMs, containers, and serverless platforms.
Palo Alto Networks – Prisma Cloud Enterprise
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>:188619942792:product/paloaltonetworks/redlock
Protects your AWS deployment with cloud security analytics, advanced threat detection, and compliance monitoring.
Plerion – Cloud Security Platform
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/plerion/cloud-security-platform
Plerion is a Cloud Security Platform with a unique threat-led, risk-driven approach that offers preventative, detective, and corrective action across your workloads. The integration between Plerion and Security Hub allows customers to centralize and act upon their security findings in one place.
Prowler – Prowler
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/prowler/prowler
Prowler is an open source security tool to perform AWS checks related to security best practices, hardening, and continuous monitoring.
Qualys – Vulnerability Management
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>:805950163170:product/qualys/qualys-vm
Qualys Vulnerability Management (VM) continuously scans and identifies vulnerabilities, protecting your assets.
Rapid7 – InsightVM
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>:336818582268:product/rapid7/insightvm
Rapid7 InsightVM provides vulnerability management for modern environments, allowing you to efficiently find, prioritize, and remediate vulnerabilities.
SecureCloudDB – SecureCloudDB
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/secureclouddb/secureclouddb
SecureCloudDB is a cloud native database security tool that provides comprehensive visibility of internal and external security postures and activity. It flags security violations and provides remediation on exploitable database vulnerabilities.
SentinelOne – SentinelOne
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/sentinelone/endpoint-protection
SentinelOne is an autonomous extended detection and response (XDR) platform encompassing AI-powered prevention, detection, response, and hunting across endpoints, containers, cloud workloads, and IoT devices.
Snyk
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/snyk/snyk
Snyk provides a security platform that scans app components for security risks in workloads running on AWS. These risks are sent to Security Hub as findings, helping developers and security teams visualize and prioritize them along with the rest of their AWS security findings.
Sonrai Security – Sonrai Dig
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/sonrai-security/sonrai-dig
Sonrai Dig monitors and remediates cloud misconfigurations and policy violations, so you can improve your security and compliance posture.
Sophos – Server Protection
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>:062897671886:product/sophos/sophos-server-protection
Sophos Server Protection defends the critical applications and data at the core of your organization, using comprehensive defense-in-depth techniques.
StackRox – StackRox Kubernetes Security
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/stackrox/kubernetes-security
StackRox helps enterprises secure their container and Kubernetes deployments at scale by enforcing their compliance and security policies across the entire container life cycle – build, deploy, and run.
Sumo Logic – Machine Data Analytics
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>:956882708938:product/sumologicinc/sumologic-mda
Sumo Logic is a secure, machine data analytics platform that enables development and security operations teams to build, run, and secure their AWS applications.
Symantec – Cloud Workload Protection
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>:754237914691:product/symantec-corp/symantec-cwp
Cloud Workload Protection provides complete protection for your Amazon EC2 instances with antimalware, intrusion prevention, and file integrity monitoring.
Tenable – Tenable.io
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>:422820575223:product/tenable/tenable-io
Accurately identify, investigate, and prioritize vulnerabilities. Managed in the cloud.
Trend Micro – Cloud One
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/trend-micro/cloud-one
Trend Micro Cloud One provides the right security information to teams at the right time and place. This integration sends security findings to Security Hub in real time, enhancing visibility into your AWS resources and Trend Micro Cloud One event details in Security Hub.
Vectra – Cognito Detect
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>:978576646331:product/vectra-ai/cognito-detect
Vectra is transforming cybersecurity by applying advanced AI to detect and respond to hidden cyberattackers before they can steal or cause damage.
Wiz – Wiz Security
Integration type: Send
Product ARN:
arn:aws:securityhub:<REGION>::product/wiz-security/wiz-security
Wiz continuously analyzes configurations, vulnerabilities, networks, IAM settings, secrets, and more across your AWS accounts, users, and workloads to discover critical issues that represent actual risk. Integrate Wiz with Security Hub to visualize and respond to issues that Wiz detects from the Security Hub console.
Third-party integrations that receive findings from Security Hub
The following third party partner product integrations receive findings from Security Hub. Where noted, the products may also update findings. In this case, finding updates that you make in the partner product will also be reflected in Security Hub.
Atlassian - Jira Service Management
Integration type: Receive and update
The AWS Service Management Connector for Jira sends findings from Security Hub to Jira. Jira issues are created based on the findings. When the Jira issues are updated, the corresponding findings are updated in Security Hub.
The integration only supports Jira Server and Jira Data Center.
For an overview of the integration and how it works, watch the video AWS Security Hub – Bidirectional integration
with Atlassian Jira Service Management
Atlassian - Jira Service Management Cloud
Integration type: Receive and update
Jira Service Management Cloud is the cloud component of Jira Service Management.
The AWS Service Management Connector for Jira sends findings from Security Hub to Jira. The findings trigger the creation of issues in Jira Service Management Cloud. When you update those issues in Jira Service Management Cloud, the corresponding findings are also updated in Security Hub.
Atlassian – Opsgenie
Integration type: Receive
Opsgenie is a modern incident management solution for operating always-on services, empowering development and operations teams to plan for service disruptions and stay in control during incidents.
Integrating with Security Hub ensures that mission critical security-related incidents are routed to the appropriate teams for immediate resolution.
Fortinet – FortiCNP
Integration type: Receive
FortiCNP is a Cloud Native Protection product that aggregates security findings into actionable insights and prioritizes security insights based on risk score to reduce alert fatigue and accelerate remediation.
IBM – QRadar
Integration type: Receive
IBM QRadar SIEM provides security teams with the ability to quickly and accurately detect, prioritize, investigate, and respond to threats.
Logz.io Cloud SIEM
Integration type: Receive
Logz.io is a provider of Cloud SIEM that provides advanced correlation of log and event data to help security teams to detect, analyze, and respond to security threats in real time.
MetricStream – CyberGRC
Integration type: Receive
MetricStream CyberGRC helps you manage, measure, and mitigate cybersecurity risks. By receiving Security Hub findings, CyberGRC provides more visibility into these risks, so you can prioritize cybersecurity investments and comply with IT policies.
MicroFocus – MicroFocus Arcsight
Integration type: Receive
ArcSight accelerates effective threat detection and response in real time, integrating event correlation and supervised and unsupervised analytics with response automation and orchestration.
New Relic Vulnerability Management
Integration type: Receive
New Relic Vulnerability Management receives security findings from Security Hub, so you can get a centralized view of security alongside performance telemetry in context across your stack.
PagerDuty – PagerDuty
Integration type: Receive
The PagerDuty digital operations management platform empowers teams to proactively mitigate customer-impacting issues by automatically turning any signal into the right insight and action.
AWS users can use the PagerDuty set of AWS integrations to scale their AWS and hybrid environments with confidence.
When coupled with Security Hub aggregated and organized security alerts, PagerDuty allows teams to automate their threat response process and quickly set up custom actions to prevent potential issues.
PagerDuty users who are undertaking a cloud migration project can move quickly, while decreasing the impact of issues that occur throughout the migration lifecycle.
Palo Alto Networks – Cortex XSOAR
Integration type: Receive
Cortex XSOAR is a Security Orchestration, Automation, and Response (SOAR) platform that integrates with your entire security product stack to accelerate incident response and security operations.
Palo Alto Networks – VM-Series
Integration type: Receive
Palo Alto VM-Series integration with Security Hub collects threat intelligence and sends it to the VM-Series next-generation firewall as an automatic security policy update that blocks malicious IP address activity.
Rackspace Technology – Cloud Native Security
Integration type: Receive
Rackspace Technology provides managed security services on top of native AWS security products for 24x7x365 monitoring by Rackspace SOC, advanced analysis, and threat remediation.
Rapid7 – InsightConnect
Integration type: Receive
Rapid7 InsightConnect is a security orchestration and automation solution that enables your team to optimize SOC operations with little to no code.
RSA – RSA Archer
Integration type: Receive
RSA Archer IT and Security Risk Management allows you to determine which assets are critical to your business, establish and communicate security policies and standards, detect and respond to attacks, identify and remediate security deficiencies, and establish clear IT risk management best practices.
ServiceNow – ITSM
Integration type: Receive and update
The ServiceNow integration with Security Hub allows security findings from Security Hub to be viewed within ServiceNow ITSM. You can also configure ServiceNow to automatically create an incident or problem when it receives a finding from Security Hub.
Any updates to these incidents and problems result in updates to the findings in Security Hub.
For an overview of the integration and how it works, watch the video AWS Security Hub - Bidirectional integration
with ServiceNow ITSM
Slack – Slack
Integration type: Receive
Slack is a layer of the business technology stack that brings together people, data, and applications. It is a single place where people can effectively work together, find important information, and access hundreds of thousands of critical applications and services to do their best work.
Splunk – Splunk Enterprise
Integration type: Receive
Splunk uses Amazon CloudWatch Events as a consumer of Security Hub findings. Send your data to Splunk for advanced security analytics and SIEM.
Splunk – Splunk Phantom
Integration type: Receive
With the Splunk Phantom application for AWS Security Hub, findings are sent to Phantom for automated context enrichment with additional threat intelligence information or to perform automated response actions.
ThreatModeler
Integration type: Receive
ThreatModeler is an automated threat modeling solution that secures and scales the enterprise software and cloud development life cycle.
Trellix – Trellix Helix
Integration type: Receive
Trellix Helix is a cloud-hosted security operations platform that allows organizations to take control of any incident from alert to fix.
Third-party integrations that send findings to and receive findings from Security Hub
The following third party partner product integrations send findings to and receive findings from Security Hub.
Caveonix – Caveonix Cloud
Integration type: Send and receive
Product ARN:
arn:aws:securityhub:<REGION>::product/caveonix/caveonix-cloud
The Caveonix AI-powered platform automates visibility, assessment, and mitigation in hybrid clouds, covering cloud-native services, VMs, and containers. Integrated with AWS Security Hub, Caveonix merges AWS data and advanced analytics for insights into security alerts and compliance.
Cloud Custodian – Cloud Custodian
Integration type: Send and receive
Product ARN:
arn:aws:securityhub:<REGION>::product/cloud-custodian/cloud-custodian
Cloud Custodian enables users to be well managed in the cloud. The simple YAML DSL allows easily defined rules to enable a well-managed cloud infrastructure that's both secure and cost optimized.
DisruptOps, Inc. – DisruptOPS
Integration type: Send and receive
Product ARN:
arn:aws:securityhub:<REGION>::product/disruptops-inc/disruptops
The DisruptOps Security Operations Platform helps organizations maintain best security practices in your cloud through the use of automated guardrails.
Kion
Integration type: Send and receive
Product ARN:
arn:aws:securityhub:<REGION>::product/cloudtamerio/cloudtamerio
Kion (formerly cloudtamer.io) is a complete cloud governance solution for AWS. Kion gives stakeholders visibility into cloud operations and helps cloud users manage accounts, control budget and cost, and ensure continuous compliance.
Turbot – Turbot
Integration type: Send and receive
Product ARN:
arn:aws:securityhub:<REGION>::product/turbot/turbot
Turbot ensures that your cloud infrastructure is secure, compliant, scalable, and cost optimized.
