Cloud Storage Security Help Docs
Release Notes
  • Introduction
  • Getting Started
    • How to Subscribe
      • Pay-As-You-Go (PAYG)
      • Bring Your Own License/GovCloud (BYOL)
      • AWS Transfer Family
    • How to Deploy
      • Steps to Deploy
      • Advanced Deployment Considerations
      • AWS Transfer Family
    • How to Configure
  • Console Overview
    • Dashboard
    • Malware Scanning
      • AWS
        • Buckets
        • Amazon EBS Volumes
        • Amazon EFS Volumes
        • Amazon FSx Volumes
        • WorkDocs Connections
      • Azure
        • Blob Containers
      • GCP
        • GCP Buckets
    • See What's Infected
      • Findings
      • Malware History
      • Results
    • Schedules
    • Monitoring
      • Error Logs
      • Bucket Settings
      • Deployment
      • Jobs
      • Notifications
      • Storage Assessment
      • Usage
    • Configuration
      • Classification Rule Sets
      • Classification Custom Rules
      • Scan Settings
      • Console Settings
      • AWS Integrations
      • Job Networking
      • API Agent Settings
      • Proactive Notifications
      • License Management
      • Event Agent Settings
    • Access Management
      • Manage Users
      • Manage Accounts
        • Linking an AWS Account
        • Linking an Azure Account
        • Linking a GCP Account
      • Manage Groups
    • Support
      • Getting Started
      • Stay Connected
      • Contact Us
      • Documentation
  • Product Updates
  • How It Works
    • Scanning Overview
      • Event Driven Scanning for New Files
      • Retro Scanning for Pre-Existing Files
      • API Driven Scanning
    • Architecture Overview
    • Deployment Details
    • Sizing Discussion
    • Integrations
      • AWS Security Hub
      • AWS CloudTrail Lake
      • AWS Transfer Family
      • Amazon GuardDuty
      • Amazon Bedrock
    • Demo Videos
    • Scanning APIs
    • SSO Integrations
      • Entra ID SSO Integration
      • Okta SSO Integration
  • Frequently Asked Questions
    • Getting Started
    • Product Functionality
    • Architecture Related
    • Supported File Types
  • Troubleshooting
    • SSL Certificate Expiry
    • CloudFormation Stack failures
    • Cross-Region Scanning on with private network
    • API Scanning: Could not connect to SSL/TLS (v7)
    • Password not received after deployment
    • Conflicted buckets
    • Modifying scaling info post-deployment
    • Objects show unscannable with access denied
    • Remote account objects not scanning
    • My scanning agents keep starting up and immediately shutting down
    • I cannot access the management console
    • Linked Account Out of Date
    • Rebooting the Management Console
    • Error when upgrading to the latest major version
    • I Cannot Create/Delete an API Agent
  • Release Notes
    • Latest (v9)
    • v8
    • v7
    • v6 and older
  • Contact Us & Support
  • Data Processing Agreement
  • Privacy Policy
Powered by GitBook
On this page
  • Example Finding within AWS Security Hub Console
  • Integration as seen inside the AWS Security Hub Console
  1. How It Works
  2. Integrations

AWS Security Hub

Antivirus for Amazon S3 and Data Classification for Amazon S3 both support AWS Security Hub.

PreviousIntegrationsNextAWS CloudTrail Lake

Last updated 5 months ago

You can enable Security Hub by going to Configuration > AWS Integrations. Read on here for more information on implementing it.

AWS Security Hub provides a consolidated view of your security status in AWS. Automate security checks, manage security findings, and identify the highest priority security issues across your AWS environment. We have integrated with AWS Security Hub to allow your Amazon S3 object findings (infected files and data matching classified data patterns) to be posted to this central location. Any infected or matching files found within your Amazon S3 storage can be shown and managed alongside the rest of the findings coming from all other aspects of your infrastructure.

It is very simple to start sending infected or matching scan results to AWS Security Hub. Simply toggle the switch on (becomes purple and text changes from Disabled to Enabled) and we will activate Accept Findings inside of AWS Security Hub and immediately start sending findings. You will not have to manually accept, although you can, the findings service inside the AWS Console. If you do happen to accept the service beforehand, you will still need to enable th toggle inside the management console.

Example Finding within AWS Security Hub Console

Integration as seen inside the AWS Security Hub Console

We expect AWS Security Hub to be subscribed to in the region the console is running within.

Flipping the toggle to enabled when AWS Security Hub is not subscribed to will be reflected with an error.

If you Stop Accepting Findings for our solution inside the AWS Security Hub console, but do not also disable it in the Console Settings page, we will continue to try to send events and errors will be sent to logs.

Any incident found, no matter the region, will be posted to the console region's AWS Security Hub. if you'd like the findings written out to the region they were found in.

Contact Us