AWS Security Hub
AWS Security Hub findings, autonomously investigated and resolved by Alaris.
Better Together
Alaris + AWS Security Hub
AWS Security Hub aggregates findings from GuardDuty, Inspector, Macie, and dozens of third-party tools. Alaris subscribes to Security Hub events and autonomously investigates every finding, enriching with CloudTrail, VPC Flow Logs, and AWS Config, then executes response actions across your AWS environment.
Integration Details
Category
Cloud Platforms
Built by
Alaris Security
Compatible with
Key Capabilities
What you get with this integration
Multi-service finding ingestion
GuardDuty, Inspector, Macie, and partner findings all flow into Alaris automatically.
CloudTrail enrichment
Every finding is enriched with CloudTrail events to build a complete attack narrative.
Automated AWS remediation
Alaris can revoke IAM credentials, modify security groups, and quarantine instances automatically.
Multi-account support
Manage Security Hub findings across hundreds of AWS accounts from a single Alaris workspace.
Setup
How it works
Connect
Grant Alaris an IAM role with read access to Security Hub, CloudTrail, and your response targets.
Subscribe
Alaris subscribes to Security Hub findings via EventBridge for real-time ingestion.
Enrich
Each finding is enriched with CloudTrail, Config, and VPC Flow Log context.
Remediate
Alaris executes AWS API calls to contain and remediate threats automatically.
Related integrations
Azure Security
Cloud security posture management for Azure
Okta
Identity and access management platform
Microsoft Sentinel
Cloud-native SIEM and SOAR platform
Your stack, connected. Your threats, eliminated.
Connecting this integration takes minutes, not months. Once live, every alert it generates is automatically triaged, investigated, and responded to by Alaris, no manual work required.