AWS Security Hub
Supported version: Cloud
Pre-requisites:
- Python Script Integration Service deployed on the Gathr Analytics.
- Below libraries available on the Gathr Analytics: a. jsonpath_ng b. boto3
- All the required roles and permissions for the AWS Security Hub.
- Client Id, Client Secret and AWS hosted region for the AWS Security Hub.
Note : Permission required for AWS Security Hub is : AWSSecurityHubFullAccess IMPORTANT: Please make sure your AWS Security Hub instance must be accessible from the Gathr Analytics Machine.
Operation Details:
Below are the list of all the python scripts operation for the AWS Security Hub:
| S.No. | Operation Name | Description |
|---|---|---|
| 1 | Get Enabled Standards | Get the Enabled Standards in AWS Security Hub. |
| 2 | Describe Products | Get the Description of the Products in the AWS Security Hub. |
| 3 | Describe Standards | Get the Description of the Standards in the AWS Security Hub. |
| 4 | Describe Standards Controls | Get the Standards Controls using Standards ARN in AWS Security Hub. |
| 5 | Get Action Targets | Get all the Action Targets in the AWS Security Hub. |
| 6 | Get Findings | Get all the Findings filtered on Date in the AWS Security Hub. |
| 7 | Get Insights | Get the Insights in the AWS Security Hub. |
| 8 | Get Insights Results | Get all the Results of the Insights in AWS Security Hub. |
Steps to use AWS Security Hub on the Gathr Analytics:
The user needs to follow the below steps:
- The user needs to upload the Security Hub App on the Gathr Analytics and in return it will auto-register all the python scripts on the Gathr Analytics.
- The user needs to right click on the floor and needs to go to the Scripts->Operations-> AWS Security Hub.
- It will expose all the scripts operations here and the user can run any operation of his/her choice.
If you have any feedback on Gathr documentation, please email us!