SentinelOne has unveiled an Amazon Web Services (AWS) Security Hub integration to help organizations identify and mitigate cyber threats across their cloud workloads. The integration is now available via the SentinelOne Singularity Marketplace.
The integration allows organizations to use AWS Security Hub to aggregate, organize and prioritize security alerts from SentinelOne agents, the company said. It then provides security findings that organizations can use to investigate incidents directly from AWS Security Hub.
In addition, the integration ensures SentinelOne incidents are normalized to the AWS Security Finding Format (ASFF), the company noted. This eliminates the need for organizations to convert or parse through security data from SentinelOne agents.
Cloud Security Risks, and MSSP Opportunities
The SentinelOne-AWS Security Hub integration comes at a key time. Nearly 40% of organizations have experienced a cloud-based attack or breach in the last two years, according to CyberRisk Alliance research.
As cloud-based assets/workloads increase, 50% of respondents are very concerned about their ability to secure their cloud systems, with 72% “extremely” or “very” concerned, the research also found.
Amid that backdrop, roughly 40% of MSSPs now offer cloud security posture management (CSPM) and related services to help customers properly configure and lock down their cloud workloads, MSSP Alert research found. Meanwhile, MSSPs now drive roughly 20% of the SentinelOne's business.
New SentinelOne Integrations: Zero Trust, Vulnerability Discovery and More
The AWS Security Hub integration comes after SentinelOne in January 2022 added the following integrations to the Singularity Marketplace:
- Automox: Offers vulnerability discovery and remediation.
- Blue Hexagon: Helps MSSPs detect and prevent malware and ransomware attacks in the cloud.
- Keysight: Provides threat simulation capabilities.
- Remediant: Enforces zero trust solutions across cloud, hybrid and on-premises infrastructure.