Inspiration

Take a cloud native app with autoscaling groups and automatically remediate a compromised instance.

What it does

Classifies Security Hub incidents and maps the fields to an XSOAR instance. Handles instances in an autoscaling group and fetches processes from Systems Manager. Removes compromised instances and has the autoscaling group create new ones.
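A sketch of that flow in Python, added here as an illustration and not taken from the project's code: it maps a Security Hub (ASFF) finding to a flat incident record, then detaches the affected instance so the group launches a replacement and requests a process listing through Systems Manager. Assumptions: the output key names, the function names and the sample finding are constructed, the boto3 clients are passed in by the caller, and the instance is detached rather than terminated so it stays available for process collection.

```python
import re

# Constructed sample: a trimmed finding in Security Hub's ASFF shape.
SAMPLE_FINDING = {
    "Title": "EC2 instance is communicating with a known malicious host",
    "Types": ["TTPs/Command and Control/Backdoor:EC2-C&CActivity.B"],
    "Severity": {"Label": "HIGH"},
    "Resources": [{
        "Type": "AwsEc2Instance",
        "Id": "arn:aws:ec2:us-east-1:111122223333:instance/i-0123456789abcdef0",
    }],
}

def map_finding(finding):
    """Map ASFF fields to a flat incident dict (output key names are hypothetical)."""
    ids = [m.group(1) for r in finding.get("Resources", [])
           if r.get("Type") == "AwsEc2Instance"
           and (m := re.search(r"instance/(i-[0-9a-f]+)$", r.get("Id", "")))]
    first_type = (finding.get("Types") or ["Unclassified"])[0]
    return {
        "name": finding.get("Title", ""),
        "severity": finding.get("Severity", {}).get("Label", "INFORMATIONAL"),
        # ASFF types read namespace/category/classifier; keep the first two parts.
        "category": "/".join(first_type.split("/")[:2]),
        "instance_ids": ids,
    }

def isolate_and_collect(instance_id, autoscaling, ssm):
    """Detach the instance from its group, then ask SSM for its process list.

    autoscaling and ssm are boto3 clients, e.g. boto3.client("autoscaling").
    """
    found = autoscaling.describe_auto_scaling_instances(InstanceIds=[instance_id])
    groups = [i["AutoScalingGroupName"] for i in found["AutoScalingInstances"]]
    if groups:
        # Leaving desired capacity unchanged makes the group launch a replacement.
        autoscaling.detach_instances(
            InstanceIds=[instance_id],
            AutoScalingGroupName=groups[0],
            ShouldDecrementDesiredCapacity=False,
        )
    cmd = ssm.send_command(
        InstanceIds=[instance_id],
        DocumentName="AWS-RunShellScript",
        Parameters={"commands": ["ps -eo pid,ppid,user,args"]},
    )
    return {"group": groups[0] if groups else None,
            "command_id": cmd["Command"]["CommandId"]}
```

The returned command ID is what a playbook would later pass to SSM's `get_command_invocation` to read the process listing once the command has finished.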

Built With

  • ec2
  • guardduty
  • lambda
  • python
  • securityhub