We’re pleased to announce that Orca Security will expand the existing integration with AWS Security Hub CSPM to support the enhanced version of AWS Security Hub announced at re:Inforce. Through the new integration, Orca will be able to receive security findings from Security Hub. Currently, Orca brings deep cloud security telemetry to Security Hub CSPM, allowing teams to get more context around risks to speed up investigations and prioritization. 

Starting June 17, 2025, AWS customers can leverage an enhanced version of Security Hub with significant enhancements and support for Open Cybersecurity Schema Framework (OCSF). Organizations using this latest version of Security Hub will be able to send their Security Findings from Security Hub to Orca. Together, Orca and Security Hub enable teams to view, prioritize, and remediate all risks on their AWS accounts, workloads, and data—in context at scale.

A screenshot of the AWS Security Hub displaying risk findings from the Orca platform
Risk findings from the Orca Cloud Security Platform in AWS Security Hub CSPM

What is the enhanced version of AWS Security Hub?

AWS Security Hub prioritizes your most critical security issues and helps respond at scale. It detects critical issues by correlating and enriching signals, for example, from threat detection and vulnerability management. This enables you to surface and prioritize active risks in your cloud environment. Security Hub transforms security signals into actionable insights and offers intuitive visualizations and natural language summaries, enabling you to make more informed security decisions quickly. Security Hub also provides automated response workflows to streamline remediation at scale. As a result, you can reduce security risks, improve your team’s productivity, and minimize potential operational disruptions. Security Hub provides more comprehensive visibility into your security posture to protect your cloud environment.

What is AWS Security Hub CSPM?

As the name implies, AWS Security Hub CSPM functions as the central system that provides a complete overview of the security of your AWS infrastructure, pulling in information from many different AWS services and third-party solutions. It provides central visibility into risks and continuously monitors your environment against best practices and compliance standards, such as AWS Foundational Security Best Practices and CIS AWS Foundations Benchmark.

AWS Security Hub offers the following key features:

  1. Security Posture Management: Continuously monitors and assesses your AWS environment against best practices and security standards, including AWS Foundational Security Best Practices, CIS AWS Foundations Benchmark, and PCI DSS.
  2. Centralized View: Aggregates security findings from various AWS services, such as Amazon GuardDuty, Amazon Inspector, and AWS Config, as well as from integrated third-party security solutions (including the Orca Platform), into a single, unified dashboard.
  3. Automated Compliance Checks: Automatically performs compliance checks against industry standards and best practices, providing insights into areas that need attention.
  4. Findings Aggregation and Prioritization: Collects and consolidates security findings from multiple sources, prioritizing them based on severity and potential impact to help you focus on the most critical issues first.
  5. Automated Response and Remediation: Supports automated workflows and integrations with AWS Lambda and AWS Systems Manager, enabling automated response and remediation actions for security findings.

Why integrate Orca with AWS Security Hub?

Orca integrates with Security Hub CSPM to bring deep cloud security telemetry into Security Hub CSPM. Orca will be able to ingest Security Findings in the OCSF schema with the enhanced version of Security Hub in addition to the existing Security Hub CSPM integration. 

The new integration with the enhanced version of Security Hub will feed Orca’s Cloud Detection and Response (CDR) capabilities. This will bring AWS-native findings from Security Hub into the real-time telemetry used by Orca Sensor and Orca’s SideScanning™ technology to detect active risks and threats.

Orca and AWS partnership

The integration with Security Hub is the latest in a number of AWS integrations to enhance security for Orca and AWS customers’ cloud estates, including with Amazon Bedrock, Amazon GuardDuty and Amazon Security Lake. Named winner of the 2022 Global AWS Security Partner Award, Orca Security leverages its close relationship with AWS to comprehensively secure AWS cloud estates. 

Orca supports over 100 AWS services to provide comprehensive security coverage for its customers’ AWS estates, detecting risks across infrastructure, workloads, identities, and data. The Orca Platform is available in AWS Marketplace.

The Orca Cloud Security Platform

The Orca Cloud Security Platform identifies, prioritizes, and remediates risks and compliance issues across your entire AWS cloud estate. Orca’s agentless-first, AI-driven platform offers comprehensive coverage detecting vulnerabilities, misconfigurations, lateral movement, API risks, sensitive data, anomalous events and behaviors, and overly permissive identities.

Learn more about how Orca secures AWS

Would you like to learn more about the Orca platform? Schedule a 1:1 demo with one of our experts.