Security Hub controls marked as RESOLVED do not go away.

I have lots of findings in different controls that have been resolved. So I set their workflow as RESOLVED. Days later I am still seeing them marked RESOLVED and they are truly resolved.

Why are they not getting marked as PASSED?

asked 5 months ago, 174 views
1 Answer
Accepted Answer

Security Hub uses the Compliance.Status value from each control's findings to determine the overall control status. The overall control status is Passed when all findings have a Compliance.Status of PASSED.

Security Hub > Controls > Search for the control ID, e.g. EC2.19 > Check the Compliance Status of all the Checks

For administrator accounts, the control status reflects the aggregated status across both the administrator account and all of the member accounts.

If you have set an aggregation Region, control statuses in the aggregation Region reflect control statuses across all of your linked Regions. Specifically, the overall status of a control appears as Failed if the control has one or more failed findings in at least one account and one linked Region.

Also, Security Hub updates the control status every 24 hours based on the findings from the previous 24 hours.

[+] Determining the overall status of a control from its findings - https://docs.aws.amazon.com/securityhub/latest/userguide/controls-overall-status.html

answered 5 months ago
EXPERT reviewed a month ago
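
The rule described in the answer, as an added Python example that is not part of the original answer or AWS's own code: it derives a control's overall status from Compliance.Status across accounts and Regions and lists findings whose workflow is RESOLVED while the check itself has not passed. The findings are constructed samples in ASFF shape; skipping SUPPRESSED and ARCHIVED findings and the UNKNOWN and NO_DATA outcomes are taken from the linked AWS documentation page, not from the answer text.

```python
# Constructed sample findings for one control (IDs, accounts and Regions are made up).
def _finding(fid, account, region, compliance, workflow, record_state="ACTIVE"):
    return {"Id": fid, "AwsAccountId": account, "Region": region,
            "RecordState": record_state,
            "Compliance": {"Status": compliance, "SecurityControlId": "EC2.19"},
            "Workflow": {"Status": workflow}}

SAMPLE_FINDINGS = [
    _finding("finding-1", "111111111111", "us-east-1", "PASSED", "RESOLVED"),
    _finding("finding-2", "222222222222", "eu-west-1", "FAILED", "RESOLVED"),
    _finding("finding-3", "111111111111", "eu-west-1", "PASSED", "NEW"),
    _finding("finding-4", "222222222222", "us-east-1", "FAILED", "SUPPRESSED"),
]

def _counted(finding):
    # Assumption from the linked AWS page: archived and suppressed findings
    # are left out of the overall status calculation.
    return (finding["RecordState"] != "ARCHIVED"
            and finding["Workflow"]["Status"] != "SUPPRESSED")

def overall_status(findings):
    """Overall control status from Compliance.Status; Workflow.Status RESOLVED plays no part."""
    statuses = {f["Compliance"]["Status"] for f in findings if _counted(f)}
    if not statuses:
        return "NO_DATA"
    if "FAILED" in statuses:      # one failed finding in any account/Region is enough
        return "FAILED"
    if statuses == {"PASSED"}:    # every counted finding passed
        return "PASSED"
    return "UNKNOWN"              # WARNING / NOT_AVAILABLE present, nothing failed

def resolved_but_not_passed(findings):
    """Findings an analyst marked RESOLVED whose check has not yet reported PASSED."""
    return [(f["AwsAccountId"], f["Region"], f["Id"], f["Compliance"]["Status"])
            for f in findings
            if _counted(f)
            and f["Workflow"]["Status"] == "RESOLVED"
            and f["Compliance"]["Status"] != "PASSED"]

if __name__ == "__main__":
    print("overall:", overall_status(SAMPLE_FINDINGS))
    for row in resolved_but_not_passed(SAMPLE_FINDINGS):
        print("still blocking:", row)
```
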