falcosecurity / falcosidekick

Connect Falco to your ecosystem
Apache License 2.0
551 stars 181 forks source link

Add AWS Security Hub #872

Open tropnikovvl opened 6 months ago

tropnikovvl commented 6 months ago

Aggregator of all AWS security events.

In an ideal situation, add Falco as a third-party service that can send events to the Security Hub. https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-partner-providers.html

Or you can go the simple way and just send alerts using the IAM user or role. https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-update-types.html

Issif commented 6 months ago

This is an interesting output, thanks. I would like to release the 2.29 before summer, I prefer to schedule this feature for the release after, 2.30 and have enough time to add falco/falcosidekick as a partner provider.

poiana commented 3 months ago

Issues go stale after 90d of inactivity.

Mark the issue as fresh with /remove-lifecycle stale.

Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Provide feedback via https://github.com/falcosecurity/community.

/lifecycle stale

Issif commented 3 months ago

/remove-lifecycle stale