AWS Security Hub Integration

AWS Security Hub is AWS's centralized security posture service. It aggregates, normalizes and prioritizes security findings from AWS services (for example GuardDuty, Inspector and Config) and from integrated third-party tools into a single view per account or organization.

How does this integration help

This integration lets Sprinto retrieve the vulnerabilities and other findings that AWS Security Hub has detected in your AWS accounts. Sprinto then tracks each finding so that it is resolved within the defined SLA and the related security compliance requirements are met.

Sprinto checks for AWS Security Hub

Below are the Sprinto checks available for AWS Security Hub:

Sprinto check: AWS Security Hub vulnerability alert should be resolved within SLA

Required action: The check starts failing as soon as Security Hub reports an open vulnerability or security issue in a configured AWS account. To pass the check, resolve the detected issue in the source AWS account; on its next sync Sprinto picks up the change and sets the check status to Passing. If a detected issue is not relevant to your environment, you can mark the check as a special case and manually set its status to Passing.
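To see from the AWS side what such an SLA check will count as open, the following is an added example (not Sprinto's or AWS's code). It classifies Security Hub findings in ASFF form into breached, within-SLA and not-counted buckets. The SLA_DAYS values, the rule that only ACTIVE findings with workflow status NEW or NOTIFIED count as open, and the sample findings are all assumptions constructed for the example; the optional live pull uses the real Security Hub GetFindings API via boto3 and is not run offline.

```python
"""Triage AWS Security Hub findings the way an SLA-based check would.

Added example (not Sprinto's or AWS's code). Assumptions that are not from the
page: the SLA_DAYS per severity label, and that a finding counts as "open" only
while its RecordState is ACTIVE and its Workflow.Status is NEW or NOTIFIED.
"""
from datetime import datetime, timedelta, timezone

# Assumed SLA per ASFF severity label; the real SLA is whatever is configured in Sprinto.
SLA_DAYS = {"CRITICAL": 7, "HIGH": 30, "MEDIUM": 90, "LOW": 180, "INFORMATIONAL": 365}

# Workflow statuses that still count as unresolved. RESOLVED and SUPPRESSED do not;
# SUPPRESSED is the AWS-side analogue of marking a check as a special case.
OPEN_WORKFLOW = {"NEW", "NOTIFIED"}


def parse_asff_time(value):
    """ASFF timestamps are ISO 8601 with a trailing 'Z'."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def is_open(finding):
    return (finding.get("RecordState") == "ACTIVE"
            and finding.get("Workflow", {}).get("Status") in OPEN_WORKFLOW)


def sla_deadline(finding):
    """Deadline = first observation (falling back to CreatedAt) + SLA for the label."""
    observed = finding.get("FirstObservedAt") or finding["CreatedAt"]
    label = finding["Severity"]["Label"]
    return parse_asff_time(observed) + timedelta(days=SLA_DAYS[label])


def triage(findings, now):
    """Split findings into SLA-breached, within-SLA and not-counted buckets of finding Ids."""
    result = {"breached": [], "within_sla": [], "not_counted": []}
    for f in findings:
        if not is_open(f):
            result["not_counted"].append(f["Id"])
        elif sla_deadline(f) < now:
            result["breached"].append(f["Id"])
        else:
            result["within_sla"].append(f["Id"])
    return result


def fetch_open_findings(region="us-east-1"):
    """Optional live pull with boto3; needs credentials allowed securityhub:GetFindings.

    The filter mirrors is_open(): ACTIVE records whose workflow status is NEW or NOTIFIED.
    """
    import boto3  # imported here so the offline part of the module works without it

    client = boto3.client("securityhub", region_name=region)
    filters = {
        "RecordState": [{"Value": "ACTIVE", "Comparison": "EQUALS"}],
        "WorkflowStatus": [{"Value": s, "Comparison": "EQUALS"} for s in sorted(OPEN_WORKFLOW)],
    }
    findings = []
    for page in client.get_paginator("get_findings").paginate(Filters=filters):
        findings.extend(page["Findings"])
    return findings


# Constructed sample findings (ASFF-shaped, trimmed to the fields used above).
SAMPLE_FINDINGS = [
    {"Id": "finding-critical-old", "RecordState": "ACTIVE", "Workflow": {"Status": "NEW"},
     "Severity": {"Label": "CRITICAL"}, "FirstObservedAt": "2024-05-01T00:00:00Z",
     "CreatedAt": "2024-05-01T00:00:00Z"},
    {"Id": "finding-high-recent", "RecordState": "ACTIVE", "Workflow": {"Status": "NOTIFIED"},
     "Severity": {"Label": "HIGH"}, "CreatedAt": "2024-05-10T12:00:00Z"},
    {"Id": "finding-medium-resolved", "RecordState": "ARCHIVED", "Workflow": {"Status": "RESOLVED"},
     "Severity": {"Label": "MEDIUM"}, "FirstObservedAt": "2024-01-01T00:00:00Z",
     "CreatedAt": "2024-01-01T00:00:00Z"},
    {"Id": "finding-low-suppressed", "RecordState": "ACTIVE", "Workflow": {"Status": "SUPPRESSED"},
     "Severity": {"Label": "LOW"}, "FirstObservedAt": "2023-01-01T00:00:00Z",
     "CreatedAt": "2023-01-01T00:00:00Z"},
]

# Fixed "now" so the sample classification is reproducible.
NOW = datetime(2024, 5, 20, tzinfo=timezone.utc)

if __name__ == "__main__":
    for bucket, ids in triage(SAMPLE_FINDINGS, NOW).items():
        print(f"{bucket}: {ids}")
```

Running the module offline classifies the critical finding as breached (observed 1 May, 7-day SLA, checked on 20 May), the high finding as within SLA, and the archived and suppressed findings as not counted. Swap SAMPLE_FINDINGS for fetch_open_findings() to run the same triage against a real account before checking what Sprinto reports.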

Before you begin

  • Ensure that you have administrator privileges on the AWS account.

  • Make sure that the AWS IAM identity used for the integration has the following AWS managed policies attached:

    • AWSSecurityHubFullAccess: if Security Hub is enabled on the account individually.

    • AWSSecurityHubOrganizationsAccess: if Security Hub is enabled through AWS Organizations (delegated administrator setup).

  Note: Both policies grant broad Security Hub permissions, so use an identity dedicated to this integration rather than a shared one.

  • Log in to the Sprinto admin portal using your credentials.

Integrate Sprinto with AWS Security Hub

Follow the below procedure to integrate AWS Security Hub with Sprinto:

  1. From the Sprinto admin portal, navigate to Security Hub > Vulnerabilities > Overview, then click + Add monitoring source.

  2. Click Choose next to AWS Security Hub from the Add Vulnerabilities monitoring source page.

  3. Select the AWS account you wish to configure. By default, all the integrated AWS accounts are selected. If required, add additional AWS accounts.

  4. Click Add AWS Security Hub.

  5. If the AWS account is not integrated, click Connect AWS to proceed with integration. Refer to the AWS integration guide for detailed instructions.

  6. Once configured, navigate to Security Hub > Vulnerabilities > AWS Security Hub to review the pending findings. The list has the following columns:

    • Entity id: Unique ID assigned to the finding

    • Entity name: Vulnerability name

    • Severity: Impact severity

    • Vulnerability:

    • Assigned to: Stakeholder responsible for resolving the detected vulnerability.

  Note: Use the available filters for quick navigation, or click the refresh button to sync data.

Please contact Sprinto Support if you have any queries related to the integration or need assistance.
