modernisation-platform icon indicating copy to clipboard operation
modernisation-platform copied to clipboard

Published 20 hours ago verified publisher icon ministryofjustice

Use the core-security account for SecurityHub and GuardDuty main reporting

Open jakemulley opened this issue 4 years ago • 1 comments

We should centrally manage SecurityHub and GuardDuty findings in the core-security account.

jakemulley avatar Nov 25 '20 07:11 jakemulley

Most of this has moved to be part of the wider MOJ effort to centralise GuardDuty for all members of the AWS Organization.

We should import filtered findings from that source (for Modernisation Platform member accounts only) into an ELK stack or otherwise for our team.

jakemulley avatar Feb 23 '21 07:02 jakemulley

I'm going to close this one as we handle this through the organisation-security account.

dms1981 avatar Feb 14 '24 14:02 dms1981