Integration with AWS Security Hub

Alert Logic is proud to announce its integration with Security Hub, a new product offered by Amazon Web Services. Security Hub is a dashboard within the AWS console where you can view findings generated by Alert Logic.

To start using the Alert Logic Security Hub integration, you must have an environment in AWS and a subscription to the Alert Logic suite at the Professional level or higher.

If you do not yet have a subscription to the Alert Logic suite, you will be directed to the AWS Marketplace during the signup process.

How to add Alert Logic findings to Security Hub

The setup for the Alert Logic integration with Security Hub is performed entirely within the AWS console. You do not need to set anything up in the Alert Logic console.

  1. Log in to your AWS account, and then navigate to Security Hub. If you have multiple AWS accounts, log in to the account subscribed to Alert Logic.
  2. Click Settings in the left navigation, and then click Providers.
  3. Scroll to Alert Logic: SIEMless Threat Management, and then click Subscribe.
  4. After you subscribe, Alert Logic will post new findings to your Security Hub dashboard. You will not see findings with timestamps before you subscribed.

Types of findings Alert Logic posts to Security Hub

In the initial release, Alert Logic posts to Security Hub all closed, verified incidents from your AWS environment.

Incident posts include the severity level, incident title, and resource information.

Click the incident title to see more information about the incident, including a timestamp and a link to the incident in the Alert Logic console.

If you or someone in the Alert Logic Security Operations Center (SOC) re-opens and updates an incident in the Alert Logic console, it updates in Security Hub as well.