Checking Security Findings in AWS Security Hub
You can check these events without leaving the AWS console. This is how findings reported by Sysdig CloudConnector look in the AWS Security Hub:
- Browse to Security Hub and click ‘Findings’ on the left.
- Click on “Delete bucket encryption” to view all the information you need to take immediate action:
And they appear in JSON format in AWS CloudWatch log streams.
Browse to CloudWatch, and click ‘Log groups > cloud-connector > alerts’
Further, these events can be forwarded to the Sysdig Backend, and alerted upon as necessary in your normal channels.