KuppingerCole Report
Executive View
By Alexei Balaganski

AWS Security Analytics Solutions

AWS provides a comprehensive suite of services to monitor for threats, misconfigurations and compliance violations across its portfolio, with all security alerts aggregated, organized and prioritized within AWS Security Hub – an extensible cloud security and compliance management platform.

1 Introduction

As businesses continue embracing the cloud to achieve better agility and innovation, speed up time to market for their digital services and eliminate the costs of maintaining their own infrastructures, more and more corporate data migrates to the cloud, including highly sensitive information like intellectual property, financial transactions or personal information (PII).
Unfortunately, while most companies enjoy such benefits of the cloud as increased scalability and reduced management overhead, they often overlook the additional security and compliance risks that arise from it. Many tend to believe that it is a part of the cloud service provider’s responsibility to ensure the safety of their customers’ data; however, this isn’t so. According to the shared responsibility model, cloud service providers are responsible for managing and securing the underlying infrastructure, while customers retain full responsibility for security and compliance of the services and data they own and manage.

The number and scale of well-publicized data breaches that involve cloud services indicate that even some of the largest enterprises can struggle with the growing complexity of their cloud infrastructures, lack of visibility into their current security posture and, last but not least, overwhelming amounts of alerts to investigate and mitigate. While large corporations that can afford running their own security operations centers (SOCs) have an option to bring these cloud-generated alerts into their security information and event management (SIEM) systems, this alone does not reduce the number of incidents to deal with and does not provide the much-needed context information for prioritizing the mitigation actions.

A much better approach to cloud infrastructure and service security, however, is to harden them proactively by identifying potential vulnerabilities and deviations from industry standards and best practices in advance. This not only helps avoid data breaches before they occur but also substantially improves regulatory compliance. With the growing number of regulatory frameworks, both industry-specific like PCI or geography-based like GDPR, and massive financial and reputational losses for violating them, automating compliance checks is something every business should be looking into.

Amazon Web Services, Inc. (AWS) is a multinational cloud service provider headquartered in Seattle, USA. A subsidiary of the American retail giant Amazon.com, the AWS platform was launched in 2006 with the vision of offering on-demand access to a centrally managed computing infrastructure to customers on a subscription basis, thus essentially making the company the first major player in the cloud computing market. Over the years, AWS has managed to remain a leader of this rapidly growing market, in terms of the size of its global cloud infrastructure as well as by yearly revenue. Serving over a million enterprise customers, the company offers a broad range of cloud services: from low-level computing and storage components to artificial intelligence and quantum computing.

AWS has substantially and continuously invested in security and compliance services for its cloud infrastructure over the years. Amazon GuardDuty, released back in 2017, was the company’s first dedicated security analytics tool. In 2019, AWS launched Security Hub, a service that provides a central view over its comprehensive suite of services to monitor for threats, misconfigurations and compliance violations across its portfolio. AWS Security Hub, an open cloud security and compliance management platform, aggregates all security alerts and organizes and prioritizes them across multiple accounts and services.

2 Product Description

True to its original focus on “builders” – skillful and motivated developers looking for the most optimized tools to design and operate modern a ...

Additionally, AWS has made the new format open and available to 3rd party security vendors through the Security Hub partner program. Currently, over ...

3 Strengths and Challenges

AWS Security Hub is a major step forward for AWS in providing its customers with a unified platform for monitoring, analyzing and managing cloud secur ...


©2021 KuppingerCole Analysts AG all rights reserved. Reproduction and distribution of this publication in any form is forbidden unless prior written permission. All conclusions, recommendations and predictions in this document represent KuppingerCole´s initial view. Through gathering more information and performing deep analysis, positions presented in this document will be subject to refinements or even major changes. KuppingerCole disclaim all warranties as to the completeness, accuracy and/or adequacy of this information. Even if KuppingerCole research documents may discuss legal issues related to information security and technology, KuppingerCole do not provide any legal services or advice and its publications shall not be used as such. KuppingerCole shall have no liability for errors or inadequacies in the information contained in this document. Any opinion expressed may be subject to change without notice. All product and company names are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

KuppingerCole Analysts support IT professionals with outstanding expertise in defining IT strategies and in relevant decision-making processes. As a leading analyst company, KuppingerCole provides first-hand vendor-neutral information. Our services allow you to feel comfortable and secure in taking decisions essential to your business.

KuppingerCole, founded in 2004, is a global, independent analyst organization headquartered in Europe. We specialize in providing vendor-neutral advice, expertise, thought leadership, and practical relevance in Cybersecurity, Digital Identity & IAM (Identity and Access Management), Cloud Risk and Security, and Artificial Intelligence, as well as for all technologies fostering Digital Transformation. We support companies, corporate users, integrators and software manufacturers in meeting both tactical and strategic challenges and make better decisions for the success of their business. Maintaining a balance between immediate implementation and long-term viability is at the heart of our philosophy.

For further information, please contact clients@kuppingercole.com.