February 26, 2020

Forcepoint Introduces Seamless Integration with AWS Security Hub

Karlene Berger

At Forcepoint, we focus on delivering security products that work for a range of complex customer environments, both now and in the future. As a growing number of organizations migrate more workloads to the cloud, they realize the increasing importance of cloud security. We know many of our customers turn to Amazon for their industry-leading cloud services. That’s why we worked closely with Amazon’s AWS team to integrate our products,  Forcepoint DLPForcepoint CASB and Forcepoint NGFW into AWS Security Hub

Industry’s first DLP solution integrated with AWS Security Hub, with a CASB to enhance  

Placing your data in AWS means you are responsible for managing the data, according to the shared responsibility model.  Whether you are keeping up with a growing list of compliance requirements, or ensuring that your critical data or intellectual property remains internal as you expand services and infrastructure.  For those reasons, we’re excited to be the first DLP solution integrated with AWS Security Hub.  In addition, Forcepoint recognizes how important cloud applications are for collaboration.  We prioritized integrating our Cloud Access Security Broker (CASB) solutions integrated with AWS Security Hub. Our CASB solution exists to control access to cloud applications at the device level and at the policy level. With DLP and CASB providing your data protection solution, administrators will be able to manage data policies that can be enforced wherever data resides. 

For many customers, cloud security starts with Forcepoint NGFW  

For lots of our customers, deploying a firewall around AWS resources is a first step towards data security in the cloud. That’s why Forcepoint integrated it into AWS Security Hub before our other products (see details of Forcepoint NGFW here in the AWS Marketplace). Many of our customers go further by using Forcepoint NGFW’s SD-WAN capabilities to securely connect corporate on-premises data centers to their AWS cloud environments to protect applications and data. Security teams for those customers most likely use Forcepoint NGFW’s Systems Management Console (SMC) to manage all their Forcepoint NGFWs whether they’re physical or virtual ones.  

Forcepoint NGFW administrators can pull in data and cloud access events– i.e. regulated or sensitive data movement events, or specific types of collaboration and content sharing cloud apps – to define unified levels of visibility to data risk or other events. Our teams worked to make it simple for administrators to prioritize which events get ingested into AWS Security Hub.  

This enables security organizations to identify potential issues more efficiently, and allows the, respond rapidly and prescriptively. Building on what Forcepoint NGFW offers to customers, Forcepoint DLP and CASB were the next logical step to integrate into this environment. And for those products, we also focused on helping administrators decide which alerts or events get ingested into AWS Security Hub. 

Flexibility that matches what you want to secure 

Integrating three core products into AWS Security Hub gives customers complete flexibility in how they manage and secure their AWS cloud instances. Our products already excel at helping security team identify and classify data, creating and enforcing policies across on-prem and cloud environments and tracking data flow across those networks. AWS Security Hub integration gives security teams the choice of how they want to organize operations.  

For example, a security team could choose to consume and correlate all events in AWS Security Hub. Or, in many cases, they’ll opt to take a more granular approach and consume only prioritized, elevated events within AWS Security Hub. Part of your security team may use Forcepoint’s console overall while other teams use AWS Security Hub to manage the prioritized alerts and insights ingested there. In other words, your integration can mirror the roles, responsibilities and the resources of your security team, wherever they are located.  

Getting started is as easy as 1, 2, 3.  

Our engineering and development teams worked closely with their AWS counterparts to ensure the installation and configuration of our products’ integration into AWS Security Hub is simple and seamless.   

We’re excited to make these AWS Security Hub integrations available to Forcepoint customers. We see it as a way to offer customers flexibility in how they manage and secure AWS resources. This work is an example of why Forcepoint’s proud to be an AWS Advanced Partner.   

Ready to use our products with AWS Security Hub with Forcepoint products? Great. These concise guides AWS Security Hub integration Guides can be found here: 

Care to view some videos?  Pop some popcorn and view how easy it is to get started:

  • Forcepoint DLP:
  • Forcepoint CASB:
  • Forcepoint NGFW:

Karlene Berger

Karlene serves as Sr. Director, Product Marketing for Global Governments and Critical Infrastructure (G2CI). She has spent her career following her core passion:  Problem Solving as an Enabler to Innovation. Her experience includes roles in Mechanical Design and Software Product Design,...

Read more articles by Karlene Berger

About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.