AWS S3 Configuration Health and AWS Security Hub Integration

This week we have enabled two new features in our AWS Workload Security portfolio; S3 Configuration and AWS Security Hub Integration.

S3 Configuration Health

We have extended the discovery of assets in AWS, currently showing EC2 instances, to include S3 buckets. As well as increased visibility, we Identify critical misconfigurations of S3 buckets and highlight these by providing a bucket health and alerting to the change of S3 bucket health via Sophos Central alerts.


  

AWS Security Hub 

AWS Security Hub reduces the effort of collecting and prioritising security findings across accounts, from AWS services, and AWS partner tools. The service ingests data using a standard findings format, eliminating the need for time-consuming data conversion efforts. It then correlates findings across providers to prioritise the most important findings.

Sophos has integrated alerts from Sophos Central into the AWS Security Hub for those customers who have connected their AWS accounts to Sophos Central.

Note: These features require the use of IAM Role, if you have previously connected your account using IAM User, you will need to migrate this to a Role: 
https://community.sophos.com/kb/en-us/125510 

Note: If you have already connected an account, once you have added/updated the permissions for S3 and Security Hub you will need to manually refresh your connection:
https://community.sophos.com/kb/en-us/132753 

https://aws.amazon.com/security-hub/