Posted On: Sep 1, 2021
Starting today, you can configure Amazon Systems Manager OpsCenter to automatically aggregate security findings from Amazon Security Hub into OpsCenter as operational issues. This enables operations engineers and IT professionals to view, investigate, and resolve security issues along with other operational issues in OpsCenter. Additionally, you can now view Security Hub findings in Systems Manager Explorer. Systems Manager OpsCenter enables operators to track and resolve operational items related to Amazon Web Services resources in a central place and Systems Manager Explorer is an operations dashboard that provides a view of your operations data across your Amazon Web Services environment. Security Hub gives you a comprehensive view of your security alerts and security posture across your Amazon Web Services accounts.
With this new integration, you can now automatically send Security Hub findings to Explorer and OpsCenter to aggregate and take action on your security issues alongside other performance and operational issues in Systems Manager. Within Explorer, you can now view a summary of all Security Hub findings based on severity. For security findings, an operational issue (OpsItem) is automatically created in OpsCenter for diagnosis and remediation. You can also use Systems Manager Automation runbooks within OpsCenter to run pre-defined workflows to easily remediate common security issues with Amazon Web Services resources. Additionally, OpsCenter supports a bidirectional integration with Security Hub – when you make updates to the status and severity fields of an OpsItem related to a security finding, those changes are automatically sent to Security Hub to enable you to see the latest information.
This feature is available in all Amazon Web Services Regions where Systems Manager is supported.
To get started, visit the Systems Manager console, and choose Settings in Systems Manager Explorer or Configure sources in Systems Manager OpsCenter and enable Amazon Security Hub. To learn more, see the Amazon Systems Manager OpsCenter documentation or Amazon Systems Manager Explorer documentation. For more information about Amazon Security Hub, see the Amazon Security Hub documentation.