FAQ - AWS Prescriptive Guidance

FAQ

What should I focus on if I have limited time and resources and can't implement all of these control types?

We recommend implementing AWS Security Hub CSPM. Security Hub CSPM has a set of automated security controls called the AWS Foundational Security Best Practices standard (Security Hub CSPM documentation). This is a highly curated set of security best practices managed by AWS security experts. You can run these standard controls either continuously, whenever there are changes to the associated resources, or periodically, on a regular schedule. Each control has a specific severity score to help you prioritize your remediation efforts. For more information, see Running security checks (Security Hub CSPM documentation). If you are using AWS Control Tower, you can also review and choose to enable its preventative, detective, and proactive controls.
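The following is an added example, not part of the original AWS guidance. It shows one way to use control severity to build a remediation queue from findings exported in the AWS Security Finding Format (ASFF). The helper names, sample findings, resource names, and account ID are constructed for illustration.

```python
from collections import defaultdict

# ASFF severity labels, highest priority first.
RANK = {s: i for i, s in enumerate(
    ["CRITICAL", "HIGH", "MEDIUM", "LOW", "INFORMATIONAL"])}

def finding(control, status, label, resource, record="ACTIVE", workflow="NEW"):
    """Build a constructed finding holding only the ASFF fields used below."""
    return {"Compliance": {"Status": status, "SecurityControlId": control},
            "Severity": {"Label": label}, "RecordState": record,
            "Workflow": {"Status": workflow}, "Resources": [{"Id": resource}]}

# Constructed sample data (not real findings); the account ID is a placeholder.
SAMPLE_FINDINGS = [
    finding("S3.1", "FAILED", "MEDIUM", "arn:aws:s3:::example-bucket-a"),
    finding("S3.1", "FAILED", "MEDIUM", "arn:aws:s3:::example-bucket-b"),
    finding("IAM.6", "FAILED", "CRITICAL", "AWS::::Account:111122223333"),
    finding("EC2.19", "FAILED", "CRITICAL", "sg-example", workflow="SUPPRESSED"),
    finding("EC2.2", "FAILED", "HIGH", "sg-example-default", record="ARCHIVED"),
    finding("S3.5", "PASSED", "INFORMATIONAL", "arn:aws:s3:::example-bucket-a"),
]

def remediation_queue(findings):
    """Return (control, severity, resources) rows for open failures, worst first."""
    open_failures = defaultdict(lambda: {"severity": "INFORMATIONAL", "resources": set()})
    for f in findings:
        if f.get("RecordState") != "ACTIVE":
            continue  # archived findings no longer describe current state
        if f.get("Compliance", {}).get("Status") != "FAILED":
            continue  # only FAILED checks are queued for remediation here
        if f.get("Workflow", {}).get("Status") in ("RESOLVED", "SUPPRESSED"):
            continue  # already handled or deliberately accepted
        entry = open_failures[f["Compliance"].get("SecurityControlId", "UNKNOWN")]
        label = f.get("Severity", {}).get("Label", "INFORMATIONAL")
        if RANK.get(label, len(RANK)) < RANK[entry["severity"]]:
            entry["severity"] = label  # keep the highest severity seen
        entry["resources"].update(r["Id"] for r in f.get("Resources", []))
    rows = [(c, e["severity"], sorted(e["resources"])) for c, e in open_failures.items()]
    # Highest severity first; within a severity, the control failing on most resources.
    return sorted(rows, key=lambda r: (RANK[r[1]], -len(r[2]), r[0]))

if __name__ == "__main__":
    for control, severity, resources in remediation_queue(SAMPLE_FINDINGS):
        print(f"{severity:<13} {control:<8} {len(resources)} resource(s)")
```

Suppressed and archived findings are filtered out before ranking, so the queue reflects only failures that still need work.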