AWS lays out multicloud plans for Security Hub

Amazon Web Services is expanding Security Hub to multicloud environments in a move that highlights how hyperscalers are increasingly going beyond their platforms.

In a blog post, Gee Rittenhouse, Vice President of Security Services at AWS, outlined the next phase for Security Hub and offer security across clouds. Multicloud security along with AI will be a hot topic at the RSA Conference.

The AWS post is a follow-up to the launch of AWS Security Hub Extended, a plan that simplifies security across endpoints, identity, email, network, data, browser, cloud and AI. Security Hub customers will be able to easily expand Security Hub through multiple AWS security partners including CrowdStrike, Okta, Proofpoint, Splunk and Zscaler to name a few.

Security Hub is an example of how AWS is bringing together services into suites. Security Hub includes a variety of services including Amazon GuardDuty, Amazon Inspector, AWS Security Hub Cloud Security Posture Management (Security Hub CSPM) and Amazon Macie into one package.

• AWS re:Inforce 2025: SecurityHub, AI and proactive defense
• AWS re:Inforce 2025: GenAI, AI agents and common sense security
• AWS re:Invent 2025: This one was different

With Security Hub Extended, AWS is using its partner marketplace knowhow to expand its security reach. Like AWS Marketplace, Security Hub Extended enables customers to procure multiple cybersecurity products with AWS as seller of record on one bill.

According to Rittenhouse, Security Hub will get multicloud capabilities that will expand beyond AWS. A common data layer will unify security signals from multiple environments. A policy and operations layer will provide one pane of glass for exposure analysis and risk. Security Hub will also feature external network scanning beyond AWS.

Rittenhouse said:

"In the coming months, we are expanding Security Hub with new multicloud capabilities that extend unified security operations beyond AWS. The foundation of this expansion is a common data layer that unifies security signals from wherever your workloads run. On top of that, a unified policy and operations layer delivers consistent posture management, exposure analysis, and risk prioritization, so your security team operates from a single view of risk rather than a fragmented collection of consoles.

Security Hub will deliver unified risk analytics that surface critical risks across your multicloud estate."