
# AWS Security Hub Integration

AWS Security Hub is AWS's centralized security service. It helps aggregate and prioritize security alerts and findings across AWS services and integrated third-party tools.

### How does this integration help?

This integration lets Sprinto retrieve the vulnerabilities detected by AWS Security Hub. Sprinto then helps ensure that the detected vulnerabilities are resolved within the defined SLA and that security compliance requirements are met.

#### Sprinto checks for AWS Security Hub

Below are the Sprinto checks available for AWS Security Hub:

<table><thead><tr><th width="166.203125">Sprinto check</th><th>Required action</th></tr></thead><tbody><tr><td>AWS Security Hub vulnerability alert should be resolved within SLA</td><td>The check starts failing if Security Hub has detected a vulnerability or security issue on the configured AWS account.<br><br>To pass the check, resolve the detected issue from the source account. Once resolved, Sprinto detects the change and sets the check status to Passing.<br><br>You can mark any check as a <a href="https://sprinto.freshdesk.com/en/support/solutions/articles/72000632095-how-to-mark-a-sprinto-check-as-a-special-case">special case</a> and manually set the status to Passing if you find any detected issues irrelevant.</td></tr></tbody></table>
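
As an added illustration (not Sprinto's code or its actual check logic), the following Python shows how a resolve-within-SLA check can be evaluated over Security Hub findings in AWS Security Finding Format. The SLA windows, the sample findings and the function names are assumptions constructed for this example.

```python
from datetime import datetime, timezone

# Assumed SLA windows in days per Security Hub severity label (not Sprinto's values).
SLA_DAYS = {"CRITICAL": 7, "HIGH": 30, "MEDIUM": 60, "LOW": 90}

# Constructed sample findings; field names follow the AWS Security Finding Format.
SAMPLE_FINDINGS = [
    {"Id": "finding/constructed-1", "Title": "S3 bucket allows public read",
     "Severity": {"Label": "HIGH"}, "Workflow": {"Status": "NEW"},
     "RecordState": "ACTIVE", "CreatedAt": "2024-01-01T00:00:00.000Z"},
    {"Id": "finding/constructed-2", "Title": "Root account has no MFA",
     "Severity": {"Label": "CRITICAL"}, "Workflow": {"Status": "NOTIFIED"},
     "RecordState": "ACTIVE", "CreatedAt": "2024-02-20T00:00:00.000Z"},
    {"Id": "finding/constructed-3", "Title": "Security group open to 0.0.0.0/0",
     "Severity": {"Label": "HIGH"}, "Workflow": {"Status": "RESOLVED"},
     "RecordState": "ACTIVE", "CreatedAt": "2023-11-01T00:00:00.000Z"},
    {"Id": "finding/constructed-4", "Title": "EBS volume not encrypted",
     "Severity": {"Label": "MEDIUM"}, "Workflow": {"Status": "NEW"},
     "RecordState": "ACTIVE", "CreatedAt": "2024-02-01T00:00:00.000Z"},
    {"Id": "finding/constructed-5", "Title": "Unused IAM access key",
     "Severity": {"Label": "LOW"}, "Workflow": {"Status": "NEW"},
     "RecordState": "ARCHIVED", "CreatedAt": "2023-01-01T00:00:00.000Z"},
]

def parse_ts(value):
    """Parse an ASFF ISO 8601 timestamp ("...Z") into an aware UTC datetime."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def is_open(finding):
    """Open = active record whose workflow is neither resolved nor suppressed."""
    return (finding.get("RecordState") == "ACTIVE"
            and finding.get("Workflow", {}).get("Status") in ("NEW", "NOTIFIED"))

def sla_breaches(findings, now):
    """Return open findings older than their severity's SLA, most overdue first."""
    breaches = []
    for f in findings:
        label = f.get("Severity", {}).get("Label", "INFORMATIONAL")
        limit = SLA_DAYS.get(label)
        if limit is None or not is_open(f):
            continue  # no SLA for this label, or resolved/suppressed/archived
        age = (now - parse_ts(f["CreatedAt"])).days
        if age > limit:
            breaches.append({"entity_id": f["Id"], "entity_name": f["Title"],
                             "severity": label, "overdue_days": age - limit})
    return sorted(breaches, key=lambda b: b["overdue_days"], reverse=True)

if __name__ == "__main__":
    print(sla_breaches(SAMPLE_FINDINGS, datetime(2024, 3, 1, tzinfo=timezone.utc)))
```

Resolved, suppressed and archived findings are excluded before the age comparison, which mirrors the table's statement that the check returns to Passing once the issue is resolved at the source.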

### Before you begin

* Ensure that you have administrator privileges on the AWS account.
* Make sure that your AWS IAM identity has the following policies attached:
  * AWSSecurityHubFullAccess: for enabling Security Hub individually.
  * AWSSecurityHubOrganizationsAccess: for enabling Security Hub through an AWS Organization.
* Log in to the Sprinto admin portal using your credentials.

### Integrate Sprinto with AWS Security Hub

Follow the procedure below to integrate AWS Security Hub with Sprinto:

1. From the Sprinto admin portal, navigate to Data Library > Vulnerabilities > Overview, then click + Add monitoring source.
2. On the Add Vulnerabilities monitoring source page, click Choose next to AWS Security Hub.

   <figure><img src="https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/72108553020/original/ao3wkJn_wNoaLAsz5euDFpgyrnCHcxuLYQ.png?1722319762" alt="" width="563"><figcaption></figcaption></figure>
3. Select the AWS account you wish to configure. By default, all the integrated AWS accounts are selected. If required, add additional AWS accounts.

   <figure><img src="https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/72108553056/original/R_-ZGaABcfhpKhj8mYRdNp1aQW9zoNQyoA.png?1722319783" alt="" width="563"><figcaption></figcaption></figure>
4. Click Add AWS Security Hub.
5. If the AWS account is not integrated, click Connect AWS to proceed with integration. Refer to [the AWS integration guide](https://sprinto.freshdesk.com/support/solutions/articles/72000559871-how-to-integrate-sprinto-with-amazon-web-services-aws-) for detailed instructions.

   <figure><img src="https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/72108553081/original/qWr42sOu0HPew5L8gQRxZ6RtQD4vN1iFKg.png?1722319806" alt="" width="563"><figcaption></figcaption></figure>
6. Upon configuration, navigate to Data Library > Vulnerabilities > AWS Security Hub to review the pending instances.\
   Note: Use the available filters for quick navigation or click on the refresh button to sync data.\
   You can find the following columns:
   * Entity id: Unique ID assigned
   * Entity name: Vulnerability name
   * Severity: Impact severity
   * Vulnerability:
   * Assigned to: Stakeholder responsible for resolving the detected vulnerability.

Please contact [Sprinto Support](mailto:www.support@sprinto.com) if you have any queries related to the integration or need assistance.

