# Third-party product integrations with Security Hub CSPM
AWS Security Hub CSPM integrates with multiple third-party partner products. An integration can perform one or more of the following actions:
+ Send findings that it generates to Security Hub CSPM
+ Receive findings from Security Hub CSPM
+ Update findings in Security Hub CSPM
Integrations that send findings to Security Hub CSPM have an Amazon Resource Name (ARN).
An integration might not be available in all AWS Regions. If an integration isn't supported in the Region that you are currently signed in to on the Security Hub CSPM console, it doesn't appear on the **Integrations** page of the console. For a list of integrations that are available in the China Regions and AWS GovCloud (US) Regions, see [Availability of integrations by Region](securityhub-regions.md#securityhub-regions-integration-support).
If you have a security solution and are interested in becoming a Security Hub CSPM partner, send email to securityhub-partners@amazon.com. For more information, see the [Partner Integration Guide](https://docs.aws.amazon.com/securityhub/latest/partnerguide/integration-overview.html).
## Overview of third-party integrations with Security Hub CSPM
The following table provides an overview of the third-party integrations that can send findings to Security Hub CSPM or receive findings from Security Hub CSPM.
| Integration | Direction | ARN (if applicable) |
| --- | --- | --- |
| [3CORESec – 3CORESec NTA](#integration-3coresec-nta) | Sends findings | `arn:aws:securityhub:::product/3coresec/3coresec` |
| [Alert Logic – SIEMless Threat Management](#integration-alert-logic-siemless) | Sends findings | `arn:aws:securityhub::733251395267:product/alertlogic/althreatmanagement` |
| [Aqua Security – Aqua Cloud Native Security Platform](#integration-aqua-security-cloud-native-security-platform) | Sends findings | `arn:aws:securityhub:::product/aquasecurity/aquasecurity` |
| [Aqua Security – Kube-bench](#integration-aqua-security-kubebench) | Sends findings | `arn:aws:securityhub:::product/aqua-security/kube-bench` |
| [Armor – Armor Anywhere](#integration-armor-anywhere) | Sends findings | `arn:aws:securityhub::679703615338:product/armordefense/armoranywhere` |
| [AttackIQ – AttackIQ](#integration-attackiq) | Sends findings | `arn:aws:securityhub:::product/attackiq/attackiq-platform` |
| [Barracuda Networks – Cloud Security Guardian](#integration-barracuda-cloud-security-guardian) | Sends findings | `arn:aws:securityhub::151784055945:product/barracuda/cloudsecurityguardian` |
| [BigID – BigID Enterprise](#integration-bigid-enterprise) | Sends findings | `arn:aws:securityhub:::product/bigid/bigid-enterprise` |
| [Blue Hexagon – Blue Hexagon forAWS](#integration-blue-hexagon-for-aws) | Sends findings | `arn:aws:securityhub:::product/blue-hexagon/blue-hexagon-for-aws` |
| [Check Point – CloudGuard IaaS](#integration-checkpoint-cloudguard-iaas) | Sends findings | `arn:aws:securityhub::758245563457:product/checkpoint/cloudguard-iaas` |
| [Check Point – CloudGuard Posture Management](#integration-checkpoint-cloudguard-posture-management) | Sends findings | `arn:aws:securityhub::634729597623:product/checkpoint/dome9-arc` |
| [Claroty – xDome](#integration-claroty-xdome) | Sends findings | `arn:aws:securityhub:::product/claroty/xdome` |
| [Cloud Storage Security – Antivirus for Amazon S3](#integration-checkpoint-cloudguard-posture-management) | Sends findings | `arn:aws:securityhub:::product/cloud-storage-security/antivirus-for-amazon-s3` |
| [Contrast Security](#integration-contrast-security) | Sends findings | `arn:aws:securityhub:::product/contrast-security/security-assess` |
| [CrowdStrike – CrowdStrike Falcon](#integration-crowdstrike-falcon) | Sends findings | `arn:aws:securityhub::517716713836:product/crowdstrike/crowdstrike-falcon` |
| [CyberArk – Privileged Threat Analytics](#integration-cyberark-privileged-threat-analytics) | Sends findings | `arn:aws:securityhub::749430749651:product/cyberark/cyberark-pta` |
| [Data Theorem – Data Theorem](#integration-data-theorem) | Sends findings | `arn:aws:securityhub:::product/data-theorem/api-cloud-web-secure` |
| [Drata](#integration-drata) | Sends findings | `arn:aws:securityhub:::product/drata/drata-integration` |
| [Forcepoint – Forcepoint CASB](#integration-forcepoint-casb) | Sends findings | `arn:aws:securityhub::365761988620:product/forcepoint/forcepoint-casb` |
| [Forcepoint – Forcepoint Cloud Security Gateway](#integration-forcepoint-cloud-security-gateway) | Sends findings | `arn:aws:securityhub:::product/forcepoint/forcepoint-cloud-security-gateway` |
| [Forcepoint – Forcepoint DLP](#integration-forcepoint-dlp) | Sends findings | `arn:aws:securityhub::365761988620:product/forcepoint/forcepoint-dlp` |
| [Forcepoint – Forcepoint NGFW](#integration-forcepoint-ngfw) | Sends findings | `arn:aws:securityhub::365761988620:product/forcepoint/forcepoint-ngfw` |
| [Fugue – Fugue](#integration-fugue) | Sends findings | `arn:aws:securityhub:::product/fugue/fugue` |
| [Guardicore – Centra 4.0](#integration-guardicore-centra) | Sends findings | `arn:aws:securityhub:::product/guardicore/guardicore` |
| [HackerOne – Vulnerability Intelligence](#integration-hackerone-vulnerability-intelligence) | Sends findings | `arn:aws:securityhub:::product/hackerone/vulnerability-intelligence` |
| [JFrog – Xray](#integration-jfrog-xray) | Sends findings | `arn:aws:securityhub:::product/jfrog/jfrog-xray` |
| [Juniper Networks – vSRX Next Generation Firewall](#integration-junipernetworks-vsrxnextgenerationfirewall) | Sends findings | `arn:aws:securityhub:::product/juniper-networks/vsrx-next-generation-firewall` |
| [k9 Security – Access Analyzer](#integration-k9-security-access-analyzer) | Sends findings | `arn:aws:securityhub:::product/k9-security/access-analyzer` |
| [Lacework – Lacework](#integration-lacework) | Sends findings | `arn:aws:securityhub:::product/lacework/lacework` |
| [McAfee – MVISION Cloud Native Application Protection Platform (CNAPP)](#integration-mcafee-mvision-cnapp) | Sends findings | `arn:aws:securityhub:::product/mcafee-skyhigh/mcafee-mvision-cloud-aws` |
| [NETSCOUT – NETSCOUT Cyber Investigator](#integration-netscout-cyber-investigator) | Sends findings | `arn:aws:securityhub:us-east-1::product/netscout/netscout-cyber-investigator` |
| [Orca Cloud Security Platform](#integration-orca-cloud-security-platform) | Sends findings | `arn:aws:securityhub:::product/orca-security/orca-security` |
| [Palo Alto Networks – Prisma Cloud Compute](#integration-palo-alto-prisma-cloud-compute) | Sends findings | `arn:aws:securityhub::496947949261:product/twistlock/twistlock-enterprise` |
| [Palo Alto Networks – Prisma Cloud Enterprise](#integration-palo-alto-prisma-cloud-enterprise) | Sends findings | `arn:aws:securityhub::188619942792:product/paloaltonetworks/redlock` |
| [Plerion – Cloud Security Platform](#integration-plerion) | Sends findings | `arn:aws:securityhub:::product/plerion/cloud-security-platform` |
| [Prowler – Prowler](#integration-prowler) | Sends findings | `arn:aws:securityhub:::product/prowler/prowler` |
| [Qualys – Vulnerability Management](#integration-qualys-vulnerability-management) | Sends findings | `arn:aws:securityhub::805950163170:product/qualys/qualys-vm` |
| [Rapid7 – InsightVM](#integration-rapid7-insightvm) | Sends findings | `arn:aws:securityhub::336818582268:product/rapid7/insightvm` |
| [SentinelOne – SentinelOne](#integration-sentinelone) | Sends findings | `arn:aws:securityhub:::product/sentinelone/endpoint-protection` |
| [Snyk](#integration-snyk) | Sends findings | `arn:aws:securityhub:::product/snyk/snyk` |
| [Sonrai Security – Sonrai Dig](#integration-sonrai-dig) | Sends findings | `arn:aws:securityhub:::product/sonrai-security/sonrai-dig` |
| [Sophos – Server Protection](#integration-sophos-server-protection) | Sends findings | `arn:aws:securityhub::062897671886:product/sophos/sophos-server-protection` |
| [StackRox – StackRox Kubernetes Security](#integration-stackrox-kubernetes-security) | Sends findings | `arn:aws:securityhub:::product/stackrox/kubernetes-security` |
| [Sumo Logic – Machine Data Analytics](#integration-sumologic-machine-data-analytics) | Sends findings | `arn:aws:securityhub::956882708938:product/sumologicinc/sumologic-mda` |
| [Symantec – Cloud Workload Protection](#integration-symantec-cloud-workload-protection) | Sends findings | `arn:aws:securityhub::754237914691:product/symantec-corp/symantec-cwp` |
| [Tenable – Tenable.io](#integration-tenable-tenableio) | Sends findings | `arn:aws:securityhub::422820575223:product/tenable/tenable-io` |
| [Trend Micro – Cloud One](#integration-trend-micro) | Sends findings | `arn:aws:securityhub:::product/trend-micro/cloud-one` |
| [Vectra – Cognito Detect](#integration-vectra-ai-cognito-detect) | Sends findings | `arn:aws:securityhub::978576646331:product/vectra-ai/cognito-detect` |
| [Wiz](#integration-wiz) | Sends findings | `arn:aws:securityhub:::product/wiz-security/wiz-security` |
| [Atlassian - Jira Service Management](#integration-atlassian-jira-service-management) | Receives and updates findings | Not applicable |
| [Atlassian - Jira Service Management Cloud](#integration-atlassian-jira-service-management-cloud) | Receives and updates findings | Not applicable |
| [Atlassian – Opsgenie](#integration-atlassian-opsgenie) | Receives findings | Not applicable |
| [Dynatrace](#integration-dynatrace) | Receives findings | Not applicable |
| [Elastic](#integration-elastic) | Receives findings | Not applicable |
| [Fortinet – FortiCNP](#integration-fortinet-forticnp) | Receives findings | Not applicable |
| [IBM – QRadar](#integration-ibm-qradar) | Receives findings | Not applicable |
| [Logz.io Cloud SIEM](#integration-logzio-cloud-siem) | Receives findings | Not applicable |
| [MetricStream](#integration-metricstream) | Receives findings | Not applicable |
| [MicroFocus – MicroFocus Arcsight](#integration-microfocus-arcsight) | Receives findings | Not applicable |
| [New Relic Vulnerability Management](#integration-new-relic-vulnerability-management) | Receives findings | Not applicable |
| [PagerDuty – PagerDuty](#integration-pagerduty) | Receives findings | Not applicable |
| [Palo Alto Networks – Cortex XSOAR](#integration-palo-alto-cortex-xsoar) | Receives findings | Not applicable |
| [Palo Alto Networks – VM-Series](#integration-palo-alto-vmseries) | Receives findings | Not applicable |
| [Rackspace Technology – Cloud Native Security](#integration-rackspace-cloud-native-security) | Receives findings | Not applicable |
| [Rapid7 – InsightConnect](#integration-rapid7-insightconnect) | Receives findings | Not applicable |
| [RSA – RSA Archer](#integration-rsa-archer) | Receives findings | Not applicable |
| [ServiceNow – ITSM](#integration-servicenow-itsm) | Receives and updates findings | Not applicable |
| [Slack – Slack](#integration-slack) | Receives findings | Not applicable |
| [Splunk – Splunk Enterprise](#integration-splunk-enterprise) | Receives findings | Not applicable |
| [Splunk – Splunk Phantom](#integration-splunk-phantom) | Receives findings | Not applicable |
| [ThreatModeler](#integration-threatmodeler) | Receives findings | Not applicable |
| [Trellix – Trellix Helix](#integration-fireeye-helix) | Receives findings | Not applicable |
| [Caveonix – Caveonix Cloud](#integration-caveonix-cloud) | Sends and receives findings | `arn:aws:securityhub:::product/caveonix/caveonix-cloud` |
| [Cloud Custodian – Cloud Custodian](#integration-cloud-custodian) | Sends and receives findings | `arn:aws:securityhub:::product/cloud-custodian/cloud-custodian` |
| [DisruptOps, Inc. – DisruptOPS](#integration-disruptops) | Sends and receives findings | `arn:aws:securityhub:::product/disruptops-inc/disruptops` |
| [Kion](#integration-kion) | Sends and receives findings | `arn:aws:securityhub:::product/cloudtamerio/cloudtamerio` |
| [Turbot – Turbot](#integration-turbot) | Sends and receives findings | `arn:aws:securityhub::453761072151:product/turbot/turbot` |
## Third-party integrations that send findings to Security Hub CSPM
The following third-party partner product integrations can send findings to Security Hub CSPM. Security Hub CSPM transforms the findings into the [AWS Security Finding Format](securityhub-findings-format.md).
### 3CORESec – 3CORESec NTA
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub:::product/3coresec/3coresec`
3CORESec provides managed detection services for both on-premises and AWS systems. Their integration with Security Hub CSPM allows visibility into threats such as malware, privilege escalation, lateral movement, and improper network segmentation.
[Product link](https://3coresec.com)
[Partner documentation](https://docs.google.com/document/d/1TPUuuyoAVrMKRVnGKouRy384ZJ1-3xZTnruHkIHJqWQ/edit?usp=sharing)
### Alert Logic – SIEMless Threat Management
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub::733251395267:product/alertlogic/althreatmanagement`
Get the right level of coverage: vulnerability and asset visibility, threat detection and incident management, AWS WAF, and assigned SOC analyst options.
[Product link](https://www.alertlogic.com/solutions/platform/aws-security/)
[Partner documentation](https://docs.alertlogic.com/configure/aws-security-hub.htm)
### Aqua Security – Aqua Cloud Native Security Platform
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub:::product/aquasecurity/aquasecurity`
Aqua Cloud Native Security Platform (CSP) provides full lifecycle security for container-based and serverless applications, from your CI/CD pipeline to runtime production environments.
[Product link](https://blog.aquasec.com/aqua-aws-security-hub)
[Partner documentation](https://github.com/aquasecurity/aws-security-hub-plugin)
### Aqua Security – Kube-bench
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub:::product/aqua-security/kube-bench`
Kube-bench is an open-source tool that runs the Center for Internet Security (CIS) Kubernetes Benchmark against your environment.
[Product link](https://github.com/aquasecurity/kube-bench/blob/master/README.md)
[Partner documentation](https://github.com/aquasecurity/kube-bench/blob/master/README.md)
### Armor – Armor Anywhere
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub::679703615338:product/armordefense/armoranywhere`
Armor Anywhere delivers managed security and compliance for AWS.
[Product link](https://aws.amazon.com/marketplace/seller-profile?id=797425f4-6823-4cf6-82b5-634f9a9ec347)
[Partner documentation](https://amp.armor.com/account/cloud-connections)
### AttackIQ – AttackIQ
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub:::product/attackiq/attackiq-platform`
AttackIQ Platform emulates real adversarial behavior aligned with the MITRE ATT&CK Framework to help validate and improve your overall security posture.
[Product link](https://go.attackiq.com/BD-AWS-Security-Hub_LP.html)
[Partner documentation](https://github.com/AttackIQ/attackiq.github.io)
### Barracuda Networks – Cloud Security Guardian
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub::151784055945:product/barracuda/cloudsecurityguardian`
Barracuda Cloud Security Sentry helps organizations stay secure while building applications in, and moving workloads to, the public cloud.
[AWS Marketplace link](https://aws.amazon.com/marketplace/pp/B07KF2X7QJ)
[Product link](https://www.barracuda.com/solutions/aws)
### BigID – BigID Enterprise
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub:::product/bigid/bigid-enterprise`
The BigID Enterprise Privacy Management Platform helps companies manage and protect sensitive data (PII) across all their systems.
[Product link](https://github.com/bigexchange/aws-security-hub)
[Partner documentation](https://github.com/bigexchange/aws-security-hub)
### Blue Hexagon – Blue Hexagon for AWS
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub:::product/blue-hexagon/blue-hexagon-for-aws`
Blue Hexagon is a real time threat detection platform. It uses deep learning principles to detect known and unknown threats, including malware and network anomalies.
[AWS Marketplace link](https://aws.amazon.com/marketplace/pp/prodview-fvt5ts3ulhrtk?sr=0-1&ref_=beagle&applicationId=AWSMPContessa)
[Partner documentation](https://bluehexagonai.atlassian.net/wiki/spaces/BHDOC/pages/395935769/Deploying+Blue+Hexagon+with+AWS+Traffic+Mirroring#DeployingBlueHexagonwithAWSTrafficMirroringDeployment-Integrations)
### Check Point – CloudGuard IaaS
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub::758245563457:product/checkpoint/cloudguard-iaas`
Check Point CloudGuard easily extends comprehensive threat prevention security to AWS while protecting assets in the cloud.
[Product link](https://aws.amazon.com/marketplace/seller-profile?id=a979fc8a-dd48-42c8-84cc-63d5d50e3a2f)
[Partner documentation](https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk140412)
### Check Point – CloudGuard Posture Management
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub::634729597623:product/checkpoint/dome9-arc`
A SaaS platform that delivers verifiable cloud network security, advanced IAM protection, and comprehensive compliance and governance.
[Product link](https://aws.amazon.com/marketplace/seller-profile?id=a979fc8a-dd48-42c8-84cc-63d5d50e3a2f)
[Partner documentation](https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk144592&partition=General&product=CloudGuard)
### Claroty – xDome
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub:::product/claroty/xdome`
Claroty xDome helps organizations secure their cyber-physical systems across the Extended Internet of Things (XIoT) within industrial (OT), healthcare (IoMT), and enterprise (IoT) environments.
[Product link](https://claroty.com/)
[Partner documentation](https://claroty.com/resources/integration-briefs/the-claroty-aws-securityhub-integration-guide)
### Cloud Storage Security – Antivirus for Amazon S3
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub:::product/cloud-storage-security/antivirus-for-amazon-s3`
Cloud Storage Security provides cloud native anti-malware and antivirus scanning for Amazon S3 objects.
Antivirus for Amazon S3 offers real time and scheduled scans of objects and files in Amazon S3 for malware and threats. It provides visibility and remediation for problem and infected files.
[Product link](https://cloudstoragesec.com/)
[Partner documentation](https://help.cloudstoragesec.com/console-overview/console-settings/#send-scan-result-findings-to-aws-security-hub)
### Contrast Security – Contrast Assess
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub:::product/contrast-security/security-assess`
Contrast Security Contrast Assess is an IAST tool that offers real-time vulnerability detection in web apps, APIs, and microservices. Contrast Assess integrates with Security Hub CSPM to help provide centralized visibility and response for all your workloads.
[Product link](https://aws.amazon.com/marketplace/pp/prodview-g5df2jw32felw)
[Partner documentation](https://docs.contrastsecurity.com/en/securityhub.html)
### CrowdStrike – CrowdStrike Falcon
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub::517716713836:product/crowdstrike/crowdstrike-falcon`
The CrowdStrike Falcon single, lightweight sensor unifies next-generation antivirus, endpoint detection and response, and 24/7 managed hunting through the cloud.
[AWS Marketplace link](https://aws.amazon.com/marketplace/seller-profile?id=f4fb055a-5333-4b6e-8d8b-a4143ad7f6c7)
[Partner documentation](https://github.com/CrowdStrike/falcon-integration-gateway)
### CyberArk – Privileged Threat Analytics
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub::749430749651:product/cyberark/cyberark-pta`
Privileged Threat Analytics collect, detect, alert, and respond to high-risk activity and behavior of privileged accounts to contain in-progress attacks.
[Product link](https://www.cyberark.com/solutions/digital-transformation/cloud-virtualization-security/)
[Partner documentation](https://cyberark-customers.force.com/mplace/s/#a352J000000dZATQA2-a392J000001Z3eaQAC)
### Data Theorem – Data Theorem
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub:::product/data-theorem/api-cloud-web-secure`
Data Theorem continuously scans web applications, APIs, and cloud resources in search of security flaws and data privacy gaps to prevent AppSec data breaches.
[Product link](https://www.datatheorem.com/partners/aws/)
[Partner documentation](https://datatheorem.atlassian.net/wiki/spaces/PKB/pages/1730347009/AWS+Security+Hub+Integration)
### Drata
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub:::product/drata/drata-integration`
Drata is a compliance automation platform that helps you achieve and maintain compliance with various frameworks, such as SOC2, ISO, and GDPR. The integration between Drata and Security Hub CSPM helps you centralize your security findings in one location.
[AWS Marketplace link](https://aws.amazon.com/marketplace/pp/prodview-3ubrmmqkovucy)
[Partner documentation](https://drata.com/partner/aws)
### Forcepoint – Forcepoint CASB
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub::365761988620:product/forcepoint/forcepoint-casb`
Forcepoint CASB allows you to discover cloud application use, analyze risk, and enforce appropriate controls for SaaS and custom applications.
[Product link](https://www.forcepoint.com/platform/technology-partners/securing-your-amazon-web-services-aws-workloads)
[Partner documentation](https://frcpnt.com/casb-securityhub)
### Forcepoint – Forcepoint Cloud Security Gateway
**Integration type:** Send
Product ARN: `arn:aws:securityhub:::product/forcepoint/forcepoint-cloud-security-gateway`
Forcepoint Cloud Security Gateway is a converged cloud security service that provides visibility, control, and threat protection for users and data, wherever they are.
[Product link](https://www.forcepoint.com/product/cloud-security-gateway)
[Partner documentation](https://forcepoint.github.io/docs/csg_and_aws_security_hub/#forcepoint-cloud-security-gateway-and-aws-security-hub)
### Forcepoint – Forcepoint DLP
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub::365761988620:product/forcepoint/forcepoint-dlp`
Forcepoint DLP addresses human-centric risk with visibility and control everywhere your people work and everywhere your data resides.
[Product link](https://www.forcepoint.com/platform/technology-partners/securing-your-amazon-web-services-aws-workloads)
[Partner documentation](https://frcpnt.com/dlp-securityhub)
### Forcepoint – Forcepoint NGFW
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub::365761988620:product/forcepoint/forcepoint-ngfw`
Forcepoint NGFW lets you connect your AWS environment into your enterprise network with the scalability, protection, and insights needed to manage your network and respond to threats.
[Product link](https://www.forcepoint.com/platform/technology-partners/securing-your-amazon-web-services-aws-workloads)
[Partner documentation](https://frcpnt.com/ngfw-securityhub)
### Fugue – Fugue
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub:::product/fugue/fugue`
Fugue is an agent-less, scalable cloud-native platform that automates the continuous validation of infrastructure-as-code and cloud runtime environments using the same policies.
[Product link](https://www.fugue.co/aws-security-hub-integration)
[Partner documentation](https://docs.fugue.co/integrations-aws-security-hub.html)
### Guardicore – Centra 4.0
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub:::product/guardicore/guardicore`
Guardicore Centra provides flow visualization, micro-segmentation, and breach detection for workloads in modern data centers and clouds.
[Product link](https://aws.amazon.com/marketplace/seller-profile?id=21127457-7622-49be-81a6-4cb5dd77a088)
[Partner documentation](https://customers.guardicore.com/login)
### HackerOne – Vulnerability Intelligence
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub:::product/hackerone/vulnerability-intelligence`
The HackerOne platform partners with the global hacker community to uncover the most relevant security issues. Vulnerability Intelligence enables your organization to go beyond automated scanning. It shares vulnerabilities that HackerOne ethical hackers have validated and provided steps to reproduce.
[AWS marketplace link](https://aws.amazon.com/marketplace/seller-profile?id=10857e7c-011b-476d-b938-b587deba31cf)
[Partner documentation](https://docs.hackerone.com/en/articles/8562571-aws-security-hub-integration)
### JFrog – Xray
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub:::product/jfrog/jfrog-xray`
JFrog Xray is a universal application security Software Composition Analysis (SCA) tool that continuously scans binaries for license compliance and security vulnerabilities so that you can run a secure software supply chain.
[AWS Marketplace link](https://aws.amazon.com/marketplace/seller-profile?id=68002c4f-c9d1-4fa7-b827-fd7204523fb7)
[Partner documentation](https://www.jfrog.com/confluence/display/JFROG/Xray+Integration+with+AWS+Security+Hub)
### Juniper Networks – vSRX Next Generation Firewall
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub:::product/juniper-networks/vsrx-next-generation-firewall`
Juniper Networks' vSRX Virtual Next Generation Firewall delivers a complete cloud-based virtual firewall with advanced security, secure SD-WAN, robust networking, and built-in automation.
[AWS Marketplace link](https://aws.amazon.com/marketplace/pp/prodview-z7jcugjx442hw)
[Partner documentation](https://www.juniper.net/documentation/us/en/software/vsrx/vsrx-consolidated-deployment-guide/vsrx-aws/topics/topic-map/security-aws-cloudwatch-security-hub-and-logs.html#id-enable-and-configure-security-hub-on-vsrx)
[Product link](https://www.juniper.net/documentation/us/en/software/vsrx/vsrx-consolidated-deployment-guide/vsrx-aws/topics/topic-map/security-aws-cloudwatch-security-hub-and-logs.html)
### k9 Security – Access Analyzer
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub:::product/k9-security/access-analyzer`
k9 Security notifies you when important access changes occur in your AWS Identity and Access Management account. With k9 Security, you can understand the access that users and IAM roles have to critical AWS services and your data.
k9 Security is built for continuous delivery, allowing you to operationalize IAM with actionable access audits and simple policy automation for AWS CDK and Terraform.
[Product link](https://www.k9security.io/lp/operationalize-aws-iam-security-hub)
[Partner documentation](https://www.k9security.io/docs/how-to-configure-k9-access/)
### Lacework – Lacework
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub:::product/lacework/lacework`
Lacework is the data-driven security platform for the cloud. The Lacework Cloud Security Platform automates cloud security at scale so you can innovate with speed and safety.
[Product link](https://www.lacework.com/platform/aws/)
[Partner documentation](https://www.lacework.com/platform/aws/)
### McAfee – MVISION Cloud Native Application Protection Platform (CNAPP)
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub:::product/mcafee-skyhigh/mcafee-mvision-cloud-aws`
McAfee MVISION Cloud Native Application Protection Platform (CNAPP) offers Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platform (CWPP) for your AWS environment.
[Product link](https://aws.amazon.com/marketplace/pp/prodview-ol6txkzkdyacc)
[Partner documentation](https://success.myshn.net/Cloud_Native_Application_Protection_Platform_(IaaS)/Amazon_Web_Services_(AWS)/Integrate_MVISION_Cloud_with_AWS_Security_Hub)
### NETSCOUT – NETSCOUT Cyber Investigator
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub:::product/netscout/netscout-cyber-investigator`
NETSCOUT Cyber Investigator is an enterprise-wide network threat, risk investigation, and forensic analysis platform that helps to reduce the impact of cyber threats on businesses.
[Product link](https://aws.amazon.com/marketplace/pp/prodview-reujxcu2cv3f4?qid=1608874215786&sr=0-1&ref_=srh_res_product_title)
[Partner documentation](https://www.netscout.com/solutions/cyber-investigator-aws)
### Orca Cloud Security Platform
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub:::product/orca-security/orca-security`
The Orca Cloud Security Platform identifies, prioritizes, and remediates risks and compliance issues across your entire cloud estate. Orca’s agentless-first, AI-driven platform offers comprehensive coverage detecting vulnerabilities, misconfigurations, lateral movement, API risks, sensitive data, anomalous events and behaviors, and overly permissive identities.
Orca integrates with Security Hub CSPM to bring deep cloud security telemetry into Security Hub CSPM. Orca, using its SideScanning technology, prioritizes risk across cloud infrastructure, workloads, applications, data, APIs, identities, and more.
[Product link](https://orca.security/partners/technology/amazon-web-services-aws/)
[Partner documentation](https://docs.orcasecurity.io/docs/integrating-amazon-security-hub)
### Palo Alto Networks – Prisma Cloud Compute
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub::496947949261:product/twistlock/twistlock-enterprise`
Prisma Cloud Compute is a cloud native cybersecurity platform that protects VMs, containers, and serverless platforms.
[Product link](https://aws.amazon.com/marketplace/seller-profile?id=0ed48363-5064-4d47-b41b-a53f7c937314)
[Partner documentation](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-compute/alerts/aws_security_hub.html)
### Palo Alto Networks – Prisma Cloud Enterprise
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub::188619942792:product/paloaltonetworks/redlock`
Protects your AWS deployment with cloud security analytics, advanced threat detection, and compliance monitoring.
[Product link](https://aws.amazon.com/marketplace/seller-profile?id=0ed48363-5064-4d47-b41b-a53f7c937314)
[Partner documentation](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/configure-external-integrations-on-prisma-cloud/integrate-prisma-cloud-with-aws-security-hub)
### Plerion – Cloud Security Platform
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub:::product/plerion/cloud-security-platform`
Plerion is a Cloud Security Platform with a unique threat-led, risk-driven approach that offers preventative, detective, and corrective action across your workloads. The integration between Plerion and Security Hub CSPM allows customers to centralize and act upon their security findings in one place.
[AWS Marketplace link](https://aws.amazon.com/marketplace/seller-profile?id=464b7833-edb8-43ee-b083-d8a298b7ba08)
[Partner documentation](https://au.app.plerion.com/resource-center/platform-documentation/integrations/outbound/securityHub)
### Prowler – Prowler
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub:::product/prowler/prowler`
Prowler is an open source security tool to perform AWS checks related to security best practices, hardening, and continuous monitoring.
[Product link](https://github.com/prowler-cloud/prowler)
[Partner documentation](https://github.com/prowler-cloud/prowler#security-hub-integration)
### Qualys – Vulnerability Management
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub::805950163170:product/qualys/qualys-vm`
Qualys Vulnerability Management (VM) continuously scans and identifies vulnerabilities, protecting your assets.
[Product link](https://www.qualys.com/public-cloud/#aws)
[Partner documentation](https://qualys-secure.force.com/discussions/s/article/000005831)
### Rapid7 – InsightVM
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub::336818582268:product/rapid7/insightvm`
Rapid7 InsightVM provides vulnerability management for modern environments, allowing you to efficiently find, prioritize, and remediate vulnerabilities.
[Product link](https://www.rapid7.com/products/insightvm/)
[Partner documentation](https://docs.rapid7.com/insightvm/aws-security-hub/)
#### SentinelOne – SentinelOne
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub:::product/sentinelone/endpoint-protection`
SentinelOne is an autonomous extended detection and response (XDR) platform encompassing AI-powered prevention, detection, response, and hunting across endpoints, containers, cloud workloads, and IoT devices.
[AWS Marketplace link](https://aws.amazon.com/marketplace/pp/prodview-2qxvr62fng6li?sr=0-2&ref_=beagle&applicationId=AWSMPContessa)
[Product link](https://www.sentinelone.com/press/sentinelone-announces-integration-with-aws-security-hub/)
### Snyk
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub:::product/snyk/snyk`
Snyk provides a security platform that scans app components for security risks in workloads running on AWS. These risks are sent to Security Hub CSPM as findings, helping developers and security teams visualize and prioritize them along with the rest of their AWS security findings.
[AWS Marketplace link](https://aws.amazon.com/marketplace/seller-profile?id=bb528b8d-079c-455e-95d4-e68438530f85)
[Partner documentation](https://docs.snyk.io/integrations/event-forwarding/aws-security-hub)
### Sonrai Security – Sonrai Dig
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub:::product/sonrai-security/sonrai-dig`
Sonrai Dig monitors and remediates cloud misconfigurations and policy violations, so you can improve your security and compliance posture.
[Product link](https://sonraisecurity.com/solutions/amazon-web-services-aws-and-sonrai-security/)
[Partner documentation](https://sonraisecurity.com/blog/monitor-privilege-escalation-risk-of-identities-from-aws-security-hub-with-integration-from-sonrai/)
### Sophos – Server Protection
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub::062897671886:product/sophos/sophos-server-protection`
Sophos Server Protection defends the critical applications and data at the core of your organization, using comprehensive defense-in-depth techniques.
[Product link](https://www.sophos.com/en-us/products/cloud-native-security/aws)
### StackRox – StackRox Kubernetes Security
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub:::product/stackrox/kubernetes-security`
StackRox helps enterprises secure their container and Kubernetes deployments at scale by enforcing their compliance and security policies across the entire container life cycle – build, deploy, and run.
[Product link](https://aws.amazon.com/marketplace/pp/B07RP4B4P1)
[Partner documentation](https://help.stackrox.com/docs/integrate-with-other-tools/integrate-with-aws-security-hub/)
### Sumo Logic – Machine Data Analytics
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub::956882708938:product/sumologicinc/sumologic-mda`
Sumo Logic is a secure, machine data analytics platform that enables development and security operations teams to build, run, and secure their AWS applications.
[Product link](https://www.sumologic.com/application/aws-security-hub/)
[Partner documentation](https://help.sumologic.com/07Sumo-Logic-Apps/01Amazon_and_AWS/AWS_Security_Hub)
### Symantec – Cloud Workload Protection
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub::754237914691:product/symantec-corp/symantec-cwp`
Cloud Workload Protection provides complete protection for your Amazon EC2 instances with antimalware, intrusion prevention, and file integrity monitoring.
[Product link](https://www.broadcom.com/products/cyber-security/endpoint/hybrid-cloud/cloud-workload-protection)
[Partner documentation](https://help.symantec.com/cs/scwp/SCWP/v130271667_v111037498/Intergration-with-AWS-Security-Hub/?locale=EN_US&sku=CWP_COMPUTE)
### Tenable – Tenable.io
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub::422820575223:product/tenable/tenable-io`
Accurately identify, investigate, and prioritize vulnerabilities. Managed in the cloud.
[Product link](https://www.tenable.com/)
[Partner documentation](https://github.com/tenable/Security-Hub)
### Trend Micro – Cloud One
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub:::product/trend-micro/cloud-one`
Trend Micro Cloud One provides the right security information to teams at the right time and place. This integration sends security findings to Security Hub CSPM in real time, enhancing visibility into your AWS resources and Trend Micro Cloud One event details in Security Hub CSPM.
[AWS Marketplace link](https://aws.amazon.com/marketplace/pp/prodview-g232pyu6l55l4)
[Partner documentation](https://cloudone.trendmicro.com/docs/integrations/aws-security-hub/)
### Vectra – Cognito Detect
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub::978576646331:product/vectra-ai/cognito-detect`
Vectra is transforming cybersecurity by applying advanced AI to detect and respond to hidden cyberattackers before they can steal or cause damage.
[AWS Marketplace link](https://aws.amazon.com/marketplace/pp/prodview-x2mabtjqsjb2w)
[Partner documentation](https://cognito-resource-guide.s3.us-west-2.amazonaws.com/Vectra_AWS_SecurityHub_Integration_Guide.pdf)
### Wiz – Wiz Security
**Integration type:** Send
**Product ARN:** `arn:aws:securityhub:::product/wiz-security/wiz-security`
Wiz continuously analyzes configurations, vulnerabilities, networks, IAM settings, secrets, and more across your AWS accounts, users, and workloads to discover critical issues that represent actual risk. Integrate Wiz with Security Hub CSPM to visualize and respond to issues that Wiz detects from the Security Hub CSPM console.
[AWS Marketplace link](https://aws.amazon.com/marketplace/pp/prodview-wgtgfzwbk4ahy)
[Partner documentation](https://docs.wiz.io/wiz-docs/docs/security-hub-integration)
## Third-party integrations that receive findings from Security Hub CSPM
The following third-party partner product integrations can receive findings from Security Hub CSPM. Where noted, the product might also update findings. In this case, updates that you make to findings in the partner product are also reflected in Security Hub CSPM.
### Atlassian - Jira Service Management
**Integration type:** Receive and update
The AWS Service Management Connector for Jira sends findings from Security Hub CSPM to Jira. Jira issues are created based on the findings. When the Jira issues are updated, the corresponding findings are updated in Security Hub CSPM.
The integration only supports Jira Server and Jira Data Center.
For an overview of the integration and how it works, watch the video [AWS Security Hub CSPM – Bidirectional integration with Atlassian Jira Service Management](https://www.youtube.com/watch?v=uEKwu0M8S3M).
[Product link](https://www.atlassian.com/software/jira/service-management)
[Partner documentation](https://docs.aws.amazon.com/servicecatalog/latest/adminguide/integrations-jiraservicedesk.html)
### Atlassian - Jira Service Management Cloud
**Integration type:** Receive and update
Jira Service Management Cloud is the cloud component of Jira Service Management.
The AWS Service Management Connector for Jira sends findings from Security Hub CSPM to Jira. The findings trigger the creation of issues in Jira Service Management Cloud. When you update those issues in Jira Service Management Cloud, the corresponding findings are also updated in Security Hub CSPM.
[Product link](https://marketplace.atlassian.com/apps/1221283/aws-service-management-connector-for-jsm?tab=overview&hosting=cloud)
[Partner documentation](https://docs.aws.amazon.com/smc/latest/ag/integrations-jsmcloud.html)
### Atlassian – Opsgenie
**Integration type:** Receive
Opsgenie is a modern incident management solution for operating always-on services, empowering development and operations teams to plan for service disruptions and stay in control during incidents.
Integrating with Security Hub CSPM ensures that mission critical security-related incidents are routed to the appropriate teams for immediate resolution.
[Product link](https://www.atlassian.com/software/opsgenie)
[Partner documentation](https://docs.opsgenie.com/docs/amazon-security-hub-integration-bidirectional)
### Dynatrace
**Integration type:** Receive
The Dynatrace integration with Security Hub CSPM helps to unify, visualize, and automate security findings across tools and environments. Adding Dynatrace runtime context to security findings allows smarter prioritization, helps reduce noise from alerts, and focuses your DevSecOps teams on efficiently remedying the critical issues that affect your production environments and applications.
[Product link](https://www.dynatrace.com/solutions/application-security/)
[Partner documentation](https://docs.dynatrace.com/docs/secure/threat-observability/security-events-ingest/ingest-aws-security-hub)
### Elastic
**Integration type:** Receive
Elastic builds search-powered solutions for security, observability, and search. With the Security Hub CSPM integration, Elastic ingests findings and insights from Security Hub CSPM programmatically, normalizes them for correlation and analytics, and presents unified dashboards and detections in Elastic Security, enabling faster triage and investigation without deploying agents.
[Product link](https://www.elastic.co/blog/elastic-integrates-leading-cloud-security-vendors)
[Partner documentation](https://www.elastic.co/docs/reference/integrations/aws/securityhub)
### Fortinet – FortiCNP
**Integration type:** Receive
FortiCNP is a Cloud Native Protection product that aggregates security findings into actionable insights and prioritizes security insights based on risk score to reduce alert fatigue and accelerate remediation.
[AWS Marketplace link](https://aws.amazon.com/marketplace/pp/prodview-vl24vc3mcb5ak)
[Partner documentation](https://docs.fortinet.com/document/forticnp/22.3.a/online-help/467775/aws-security-hub-configuration)
### IBM – QRadar
**Integration type:** Receive
IBM QRadar SIEM provides security teams with the ability to quickly and accurately detect, prioritize, investigate, and respond to threats.
[Product link](https://www.ibm.com/docs/en/qradar-common?topic=app-aws-security-hub-integration)
[Partner documentation](https://www.ibm.com/docs/en/qradar-common?topic=configuration-integrating-aws-security-hub)
### Logz.io Cloud SIEM
**Integration type:** Receive
Logz.io is a provider of Cloud SIEM that provides advanced correlation of log and event data to help security teams to detect, analyze, and respond to security threats in real time.
[Product link](https://logz.io/solutions/cloud-monitoring-aws/)
[Partner documentation](https://docs.logz.io/shipping/security-sources/aws-security-hub.html)
### MetricStream – CyberGRC
**Integration type:** Receive
MetricStream CyberGRC helps you manage, measure, and mitigate cybersecurity risks. By receiving Security Hub CSPM findings, CyberGRC provides more visibility into these risks, so you can prioritize cybersecurity investments and comply with IT policies.
[AWS Marketplace link](https://aws.amazon.com/marketplace/pp/prodview-5ph5amfrrmyx4?qid=1616170904192&sr=0-1&ref_=srh_res_product_title)
[Product link](https://www.metricstream.com/)
### MicroFocus – MicroFocus Arcsight
**Integration type:** Receive
ArcSight accelerates effective threat detection and response in real time, integrating event correlation and supervised and unsupervised analytics with response automation and orchestration.
[Product link](https://aws.amazon.com/marketplace/pp/B07RM918H7)
[Partner documentation](https://community.microfocus.com/cyberres/productdocs/w/connector-documentation/2768/smartconnector-for-amazon-web-services-security-hub)
### New Relic Vulnerability Management
**Integration type:** Receive
New Relic Vulnerability Management receives security findings from Security Hub CSPM, so you can get a centralized view of security alongside performance telemetry in context across your stack.
[AWS Marketplace link](https://aws.amazon.com/marketplace/pp/prodview-yg3ykwh5tmolg)
[Partner documentation](https://docs.newrelic.com/docs/vulnerability-management/integrations/aws/)
### PagerDuty – PagerDuty
**Integration type:** Receive
The PagerDuty digital operations management platform empowers teams to proactively mitigate customer-impacting issues by automatically turning any signal into the right insight and action.
AWS users can use the PagerDuty set of AWS integrations to scale their AWS and hybrid environments with confidence.
When coupled with Security Hub CSPM aggregated and organized security alerts, PagerDuty allows teams to automate their threat response process and quickly set up custom actions to prevent potential issues.
PagerDuty users who are undertaking a cloud migration project can move quickly, while decreasing the impact of issues that occur throughout the migration lifecycle.
[Product link](https://aws.amazon.com/marketplace/pp/prodview-5sf6wkximaixc?ref_=srh_res_product_title)
[Partner documentation](https://support.pagerduty.com/docs/aws-security-hub-integration-guide-pagerduty)
### Palo Alto Networks – Cortex XSOAR
**Integration type:** Receive
Cortex XSOAR is a Security Orchestration, Automation, and Response (SOAR) platform that integrates with your entire security product stack to accelerate incident response and security operations.
[Product link](https://aws.amazon.com/marketplace/seller-profile?id=0ed48363-5064-4d47-b41b-a53f7c937314)
[Partner documentation](https://xsoar.pan.dev/docs/reference/integrations/aws---security-hub)
### Palo Alto Networks – VM-Series
**Integration type:** Receive
Palo Alto VM-Series integration with Security Hub CSPM collects threat intelligence and sends it to the VM-Series next-generation firewall as an automatic security policy update that blocks malicious IP address activity.
[Product link](https://github.com/PaloAltoNetworks/pan_aws_security_hub)
[Partner documentation](https://github.com/PaloAltoNetworks/pan_aws_security_hub)
### Rackspace Technology – Cloud Native Security
**Integration type:** Receive
Rackspace Technology provides managed security services on top of native AWS security products for 24x7x365 monitoring by Rackspace SOC, advanced analysis, and threat remediation.
[Product link](https://www.rackspace.com/managed-aws/capabilities/security)
### Rapid7 – InsightConnect
**Integration type:** Receive
Rapid7 InsightConnect is a security orchestration and automation solution that enables your team to optimize SOC operations with little to no code.
[Product link](https://www.rapid7.com/platform/)
[Partner documentation](https://docs.rapid7.com/insightconnect/aws-security-hub/)
### RSA – RSA Archer
**Integration type:** Receive
RSA Archer IT and Security Risk Management allows you to determine which assets are critical to your business, establish and communicate security policies and standards, detect and respond to attacks, identify and remediate security deficiencies, and establish clear IT risk management best practices.
[Product link](https://community.rsa.com/docs/DOC-111898)
[Partner documentation](https://community.rsa.com/docs/DOC-111898)
### ServiceNow – ITSM
**Integration type:** Receive and update
The ServiceNow integration with Security Hub CSPM allows security findings from Security Hub CSPM to be viewed within ServiceNow ITSM. You can also configure ServiceNow to automatically create an incident or problem when it receives a finding from Security Hub CSPM.
Any updates to these incidents and problems result in updates to the findings in Security Hub CSPM.
For an overview of the integration and how it works, watch the video [AWS Security Hub CSPM - Bidirectional integration with ServiceNow ITSM](https://www.youtube.com/watch?v=OYTi0sjEggE).
[Product link](https://docs.aws.amazon.com/servicecatalog/latest/adminguide/integrations-servicenow.html)
[Partner documentation](https://docs.aws.amazon.com/servicecatalog/latest/adminguide/securityhub-config.html)
### Slack – Slack
**Integration type:** Receive
Slack is a layer of the business technology stack that brings together people, data, and applications. It is a single place where people can effectively work together, find important information, and access hundreds of thousands of critical applications and services to do their best work.
[Product link](https://github.com/aws-samples/aws-securityhub-to-slack)
[Partner documentation](https://docs.aws.amazon.com/chatbot/latest/adminguide/related-services.html)
### Splunk – Splunk Enterprise
**Integration type:** Receive
Splunk uses Amazon CloudWatch Events as a consumer of Security Hub CSPM findings. Send your data to Splunk for advanced security analytics and SIEM.
[Product link](https://splunkbase.splunk.com/app/5767)
[Partner documentation](https://github.com/splunk/splunk-for-securityHub)
### Splunk – Splunk Phantom
**Integration type:** Receive
With the Splunk Phantom application for AWS Security Hub CSPM, findings are sent to Phantom for automated context enrichment with additional threat intelligence information or to perform automated response actions.
[Product link](https://splunkbase.splunk.com/app/5767)
[Partner documentation](https://splunkphantom.s3.amazonaws.com/phantom-sechub-setup.html)
### ThreatModeler
**Integration type:** Receive
ThreatModeler is an automated threat modeling solution that secures and scales the enterprise software and cloud development life cycle.
[Product link](https://aws.amazon.com/marketplace/pp/B07S65ZLPQ)
[Partner documentation](https://threatmodeler-setup-quickstart.s3.amazonaws.com/ThreatModeler+Setup+Guide/ThreatModeler+Setup+%26+Deployment+Guide.pdf)
### Trellix – Trellix Helix
**Integration type:** Receive
Trellix Helix is a cloud-hosted security operations platform that allows organizations to take control of any incident from alert to fix.
[Product link](https://www.trellix.com/en-us/products/helix.html)
[Partner documentation](https://docs.trellix.com/bundle/fe-helix-enterprise-landing/)
## Third-party integrations that send findings to and receive findings from Security Hub CSPM
The following third-party partner product integrations can send findings to and receive findings from Security Hub CSPM.
### Caveonix – Caveonix Cloud
**Integration type:** Send and receive
**Product ARN:** `arn:aws:securityhub:::product/caveonix/caveonix-cloud`
The Caveonix AI-powered platform automates visibility, assessment, and mitigation in hybrid clouds, covering cloud-native services, VMs, and containers. Integrated with AWS Security Hub CSPM, Caveonix merges AWS data and advanced analytics for insights into security alerts and compliance.
[AWS Marketplace link](https://aws.amazon.com/marketplace/pp/prodview-v6nlnxa5e67es)
[Partner documentation](https://support.caveonix.com/hc/en-us/articles/18171468832529-App-095-How-to-Integration-AWS-Security-Hub-with-Caveonix-Cloud-)
### Cloud Custodian – Cloud Custodian
**Integration type:** Send and receive
**Product ARN:** `arn:aws:securityhub:::product/cloud-custodian/cloud-custodian`
Cloud Custodian enables users to be well managed in the cloud. The simple YAML DSL allows easily defined rules to enable a well-managed cloud infrastructure that's both secure and cost optimized.
[Product link](https://cloudcustodian.io/docs/aws/topics/securityhub.html)
[Partner documentation](https://cloudcustodian.io/docs/aws/topics/securityhub.html)
### DisruptOps, Inc. – DisruptOPS
**Integration type:** Send and receive
**Product ARN:** `arn:aws:securityhub:::product/disruptops-inc/disruptops`
The DisruptOps Security Operations Platform helps organizations maintain best security practices in your cloud through the use of automated guardrails.
[Product link](https://disruptops.com/ad/securityhub-isa/)
[Partner documentation](https://disruptops.com/securityhub/)
### Kion
**Integration type:** Send and receive
**Product ARN:** `arn:aws:securityhub:::product/cloudtamerio/cloudtamerio`
Kion (formerly cloudtamer.io) is a complete cloud governance solution for AWS. Kion gives stakeholders visibility into cloud operations and helps cloud users manage accounts, control budget and cost, and ensure continuous compliance.
[Product link](https://kion.io/partners/aws)
[Partner documentation](https://support.kion.io/hc/en-us/articles/360046647551-AWS-Security-Hub)
### Turbot – Turbot
**Integration type:** Send and receive
**Product ARN:** `arn:aws:securityhub:::product/turbot/turbot`
Turbot ensures that your cloud infrastructure is secure, compliant, scalable, and cost optimized.
[Product link](https://turbot.com/features/)
[Partner documentation](https://turbot.com/blog/2018/11/aws-security-hub/)