AWS has launched Security Hub Extended to unify its own tools like Inspector and GuardDuty with a curated set of third-party vendors under a single-pane mini-SOC. The service uses the Open Cybersecurity Schema Framework (OCSF) for pre-normalized findings, offers AWS as the seller of record with consolidated billing and flexible pricing, and aims to simplify cross-domain correlation and vendor management.
Key points
- Security Hub Extended unifies AWS security services and selected third-party solutions into a single management plane.
- Integrated partners provide findings in OCSF, enabling automatic cross-domain correlation and more granular threat detection.
- AWS acts as the seller of record with one combined monthly invoice and flexible pay-as-you-go or flat-rate pricing.
- The initial curated partner list includes vendors such as CrowdStrike, Okta, Zscaler, Splunk, and others chosen by customers.
- Customers can still use non-curated third-party integrations, but those require extra integration work and separate billing management.
Read More: https://www.securityweek.com/aws-expands-security-hub-into-a-cross-domain-security-platform/