Questions tagged with AWS Security Hub
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
Hello,
I am working on improving security compliance in my project and recently I've come across security finding related to network ACL:
`[EC2.21] Network ACLs should not allow ingress from...
2
answers
0
votes
373
views
asked 2 years agolg...
Someone pointed Nessus at my EC2 machine and performed a 12minute vunerability scan - Their IP traces back to AWS - There are more than 200 entries across all logs in /var/log/httpd. I believe my...
2
answers
0
votes
262
views
asked 2 years agolg...
Security Groups
Hi All,i am doing basic hands on regarding EC2 instance i created a inbound Security group for HTTPS on port 443 to be allowed from anywhere.
My EC2 instance has a web server running...
2
answers
1
votes
1610
views
asked 2 years agolg...
how to get regional endpoints in a real scenario?
I tried:
return g_boto3_session.client(service,
region_name=region,
...
1
answers
0
votes
485
views
asked 2 years agolg...
I am having issue on having 1000's of findings in Security Hub which says "Compliance Status: Passed"
usually they close after some period of time, but we generate daily reports and need to list the...
2
answers
0
votes
2990
views
asked 2 years agolg...
In the "results" view page of the Standards Controls (AWS, CIS), the the statistics ribbon displays a number of data, include are "Enabled", "Failed", "Disabled in this account" and "Disabled in all...
1
answers
0
votes
539
views
asked 2 years agolg...
Hi everyone, I need help urgently!! my account was hacked on March 20th and billing is around 24k USD, I raised the case on March 24th when I notice the problem, but, the case in AWS Support has not...
2
answers
0
votes
815
views
asked 2 years agolg...
Hi, I'm enabling server access logging on all S3 buckets, as per SecurityHub recommendations. But now it also wants access logging on the access logging buckets and it warns (very good) that source...
3
answers
3
votes
1438
views
asked 2 years agolg...
(resolved) Why do SecurityHub detection results show both PASSED and FAILED for the same resource?lg...
The SecurityHub detection results have the following titles:
`4.3 Ensure the default security group of every VPC restricts all traffic`
In response, we have removed the default security group...
Accepted AnswerAWS Security Hub
2
answers
0
votes
1459
views
asked 2 years agolg...
Question regarding Security Hub [EC2.10] This control checks whether a service endpoint for Amazon EC2 is created for each VPC. The control fails if a VPC does not have a VPC endpoint created for the...
1
answers
0
votes
1510
views
asked 2 years agolg...
Hi,
Whilst I am able to run and complete a sample app in AWS CDK, When trying to follow the blog post on [Security Hub...
2
answers
0
votes
567
views
asked 2 years agolg...
Hi,
I am working on resolving various AWS CIS Benchmarks in Security Hub and I am wondering if there is any way to re-run or manually trigger to re-check the rule if compliance is met. I've updated...
2
answers
0
votes
989
views
asked 2 years agolg...