Security Hub

Definition

AWS Security Hub is a unified security dashboard that aggregates security alerts and findings from multiple AWS services for comprehensive security

Use Cases

Provider Equivalents

Frequently Asked Questions

What's the difference between AWS Security Hub and Amazon GuardDuty?
GuardDuty is a threat detection service that analyzes signals (like CloudTrail, VPC Flow Logs, and DNS logs) to detect suspicious activity and generates findings. Security Hub is a central dashboard that aggregates findings from GuardDuty and many other sources (AWS services and partner tools), correlates and normalizes them, and provides security standards checks so you can manage everything in one place.
When should I use AWS Security Hub?
Use Security Hub when you want a single place to view and prioritize security findings across multiple AWS services and accounts, track compliance against common security standards, and integrate alerts into your incident response workflow. It’s especially useful for organizations running multiple AWS accounts (for example, via AWS Organizations) or using several security tools that produce separate alerts.
How much does AWS Security Hub cost?
Security Hub pricing is based on factors such as the number of security checks performed for enabled standards and the volume of findings ingested. Costs vary depending on how many accounts/regions you enable, which standards you turn on, and how many integrated products generate findings. For exact rates and to estimate spend, use the AWS Security Hub pricing page and the AWS Pricing Calculator.

Category: security

Difficulty: intermediate

Related Terms

See Also