Open theodoorscholte opened 1 year ago
@theodoorscholte enabled integrations are reported as
'arn:aws:securityhub:eu-west-1:<AWS_ACCOUNT_ID>:product-subscription/aws/access-analyzer',
'arn:aws:securityhub:eu-west-1:<AWS_ACCOUNT_ID>:product-subscription/aws/guardduty',
'arn:aws:securityhub:eu-west-1:<AWS_ACCOUNT_ID>:product-subscription/aws/config',
'arn:aws:securityhub:eu-west-1:<AWS_ACCOUNT_ID>:product-subscription/aws/firewall-manager',
'arn:aws:securityhub:eu-west-1:<AWS_ACCOUNT_ID>:product-subscription/aws/health',
'arn:aws:securityhub:eu-west-1:<AWS_ACCOUNT_ID>:product-subscription/aws/inspector',
'arn:aws:securityhub:eu-west-1:<AWS_ACCOUNT_ID>:product-subscription/aws/macie',
'arn:aws:securityhub:eu-west-1:<AWS_ACCOUNT_ID>:product-subscription/aws/ssm-patch-manager',
'arn:aws:securityhub:eu-west-1:<AWS_ACCOUNT_ID>:product-subscription/aws/securityhub'
How would we want to report on them?
Can you also elaborate on "Controls/Rules that are active in each compliance framework"?
Do we want something more than what is documented from AWS? If so, how do we get that?
@costastf Enabled integrations look good! AWS adds more controls/rules to each compliance framework over time. This results in more findings between runs of the tool. This is why it is necessary to report at runtime on the controls/rules that are included in each framework.
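
An added example, not part of the thread and not the tool's own code: one way to record at runtime which controls are enabled in each standard and to diff that against the previous run, so a rise in findings can be traced to controls AWS has added. It uses boto3's Security Hub operations `get_enabled_standards`, `describe_standards_controls` and `list_enabled_products_for_import`; the function names `snapshot` and `diff_controls` are hypothetical.

```python
"""Snapshot the Security Hub controls active per enabled standard, and diff two runs."""
import json


def _pages(client, operation, key, **kwargs):
    """Yield every item under `key` across all pages of a Security Hub call."""
    for page in client.get_paginator(operation).paginate(**kwargs):
        yield from page.get(key, [])


def snapshot(client):
    """Return {'integrations': [arn, ...], 'standards': {standards_arn: [control_id, ...]}}."""
    standards = {}
    for sub in _pages(client, "get_enabled_standards", "StandardsSubscriptions"):
        controls = _pages(client, "describe_standards_controls", "Controls",
                          StandardsSubscriptionArn=sub["StandardsSubscriptionArn"])
        # Only controls that are switched on can produce findings.
        standards[sub["StandardsArn"]] = sorted(
            c["ControlId"] for c in controls if c["ControlStatus"] == "ENABLED")
    integrations = sorted(_pages(client, "list_enabled_products_for_import",
                                 "ProductSubscriptions"))
    return {"integrations": integrations, "standards": standards}


def diff_controls(previous, current):
    """Per standard, list the controls added or removed since the previous run."""
    changes = {}
    for arn in sorted(set(previous["standards"]) | set(current["standards"])):
        old = set(previous["standards"].get(arn, []))
        new = set(current["standards"].get(arn, []))
        if old != new:
            changes[arn] = {"added": sorted(new - old), "removed": sorted(old - new)}
    return changes


if __name__ == "__main__":
    import boto3  # needs AWS credentials with read access to Security Hub
    current = snapshot(boto3.client("securityhub", region_name="eu-west-1"))
    print(json.dumps(current, indent=2))
```

Storing each run's snapshot next to its findings report lets `diff_controls` show whether a change in the number of findings coincides with a change in the control set.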