Custom Security Hub Findings is a repository that allows AWS users to import custom findings into Security Hub using AWS Lambda and get email notifications.
This repo primarily uses the following services:
- As the first step, we enable Security Hub in two regions using aws_securityhub_account.
- Next, we create an EventBridge rule that triggers the Lambda function.
- The Lambda function uses the batch_import_findings function from boto3 to import the custom finding into Security Hub.
- In the next step, we create one more EventBridge rule that has Security Hub as its source and targets an SNS topic.
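
A sketch of the Lambda step described above, added here as an illustration and not taken from this repo's code: it builds one finding in the AWS Security Finding Format (ASFF) and sends it with `batch_import_findings`. The generator id, finding title and type are assumed values; the handler assumes it is invoked by an EventBridge event.

```python
import datetime
import os

SCHEMA_VERSION = "2018-10-08"  # ASFF schema version
MAX_BATCH = 100                # BatchImportFindings accepts at most 100 findings per call


def build_finding(account_id, region, finding_id, title, description,
                  resource_id, severity="MEDIUM", now=None):
    """Return a dict holding the ASFF fields required for a custom finding."""
    now = now or datetime.datetime.now(datetime.timezone.utc)
    ts = now.strftime("%Y-%m-%dT%H:%M:%SZ")
    return {
        "SchemaVersion": SCHEMA_VERSION,
        "Id": finding_id,
        # Custom findings use the account's own "default" product ARN.
        "ProductArn": f"arn:aws:securityhub:{region}:{account_id}:product/{account_id}/default",
        "GeneratorId": "custom-findings-lambda",  # assumed name
        "AwsAccountId": account_id,
        "Types": ["Software and Configuration Checks"],
        "CreatedAt": ts,
        "UpdatedAt": ts,
        "Severity": {"Label": severity},
        "Title": title,
        "Description": description,
        "Resources": [{"Type": "Other", "Id": resource_id, "Region": region}],
    }


def import_findings(client, findings):
    """Import findings in batches; raise if Security Hub rejects any of them."""
    imported = 0
    for i in range(0, len(findings), MAX_BATCH):
        resp = client.batch_import_findings(Findings=findings[i:i + MAX_BATCH])
        if resp.get("FailedCount", 0):
            raise RuntimeError(f"rejected findings: {resp.get('FailedFindings')}")
        imported += resp.get("SuccessCount", 0)
    return imported


def lambda_handler(event, context):
    import boto3  # imported here so the functions above can be tested without AWS
    finding = build_finding(
        event["account"], os.environ["AWS_REGION"], f"custom/{event['id']}",
        "Custom finding", "Imported by the scheduled Lambda (constructed sample).",
        context.invoked_function_arn,
    )
    return {"imported": import_findings(boto3.client("securityhub"), [finding])}
```

Raising on a non-zero `FailedCount` makes a rejected finding show up as a Lambda error instead of being dropped silently.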
Whether you use this project, have learned something from it, or just like it, please consider supporting it by buying me a coffee, so I can dedicate more time to open-source projects like this :)
You can check out the full license here
This project is licensed under the terms of the MIT license.