About AWS Security Hub
AWS Security Hub is a recent offering from AWS aimed at providing an enterprise-wide view of security compliance. Security professionals will typically employ several security tools that target specific IT resources to achieve comprehensive coverage. This can burden the staff with aggregating, correlating and prioritizing the security alerts and reports generated by these tools. By ingesting outputs from each of your security tools in a standard findings format, Security Hub provides a unified repository and view to analyze these data sets. The result is a faster and more comprehensive understanding of your security situation.
The C2VS family of products are aimed at identifying vulnerabilities related to security misconfigurations. Adversaries typically exploit a chain of misconfigurations rather than a single vulnerability to exfiltrate data and/or to affect service levels. Analyzing of this chain of security configurations identifies gaps in your security controls and the potential for exploitation of these vulnerabilities by adversaries. C2VS specifically focuses on the custom application security configurations that are unique to your business. C2VS aims to close the blind spots left by other vulnerability scanning tools which primarily focus on infrastructure and operating system level scans.
C2VS scans a set of resources in an application environment and identifies any deviation from your custom baselines. The results of the scans are published in C2VS proprietary format, and these results are interpreted by the C2VS custom reporting application. However, the value of C2VS findings can be increased by correlating these results with findings from other security products including AWS Security services. This is done by publishing those result to AWS Security Hub.
Custom Security Hub Integration
C2VS scan results presented through Security Hub serves as a single pane of glass for security analysts. By sending results to Security Hub, it becomes easier for customers to raise alerts and implement remediation through compensating configurations. In addition, Capitis technical staff can assist you in transforming and publishing the outputs from other complementary security tools you may also be using to AWS Security Hub. To learn more about using C2VS as part of your comprehensive security toolset contact Capitis for a demonstration.