Native is joining AWS Security Hub Extended 

Today, Native is available to AWS customers through Security Hub Extended. A few clicks in the AWS console, transparent pricing on your AWS bill, and Native is running across your environment. 

What Native does 

From day one, we believed the future of cloud security would be built in close partnership with the cloud providers. That’s not just a go-to-market choice. It’s core to the product and to the problem we are solving. 

The cloud providers already expose the architectural primitives that matter most. Identity boundaries, network segmentation, data perimeter mechanisms, policy frameworks, zone and account structures. The challenge is operationalizing them consistently, safely, and at scale across real environments and across multiple clouds. 

That’s what Native does. We help security teams define the architecture they want to enforce, translate that intent into the native capabilities of AWS, Azure, GCP, and OCI, simulate impact before anything changes, deploy safely, and keep it all aligned as the environment evolves. 

The result is that one cloud security engineer, or a small team, operates with the leverage normally reserved for the top one percent of security architecture talent. Across every cloud. By design, not by reaction. 

We do this today for Fortune 100 enterprises, fast-growing technology companies, and regulated institutions that span geographies, size, and industries. 

Native with Security Hub Extended 

Security Hub Extended gives AWS customers direct access to curated security solutions inside the AWS console, on the AWS bill, with pay-as-you-go pricing and no long procurement cycle. Anyone who has run a security program knows how much time disappears into procurement, integration, and vendor management. 

Two things make Security Hub Extended more interesting than the usual marketplace story. 

First, this is a meaningful opening for startups. As an industry, security depends on startups. They are the ones solving the frontier problems with the latest technology and the newest approaches. They are the engine that keeps defenses moving at the pace of a threat landscape that never stops changing. That has always been true. 

What has also been true is that buying from startups is hard. Procurement cycles, vendor risk reviews, legal negotiations, and paperwork that scales with company size. The innovation is there, but the friction between the innovation and the customer is real, and it slows everything down. 

Security Hub Extended changes that equation. Customers can now get the latest technology, from the companies building at the frontier, with the procurement experience and enterprise controls of AWS behind it. Frictionless access to the newest answers, 

Second, the way AWS structured the cloud security category inside Security Hub Extended itself is a signal. They didn’t pick one vendor. They picked two, representing two distinct approaches. One represents the mature category. The other represents what comes next.  

The cloud security category is splitting. The work of seeing, detecting, and responding is mature. The next chapter is enforcement. Architecture. Secure by design. And it has to move at the speed AI is now changing everything around it. 

We hear this from CISOs at the largest cloud estates in the world. We hear it from Gartner and the broader analyst community. AWS now solidifies this. There is a shift in cloud security and the new approach now needs to be accessible to all.  

Multicloud, delivered through AWS 

Almost every enterprise we work with runs across two or more clouds. Until now, managing security architecture consistently across that footprint has meant stitching together separate vendors, separate consoles, and separate contracts. 

AWS has announced that Security Hub itself will extend to multicloud in the coming months. In the meantime, and going forward, multicloud coverage inside Security Hub Extended is delivered through multicloud-native partners. Native is one of them. 

That means a customer can stand up consistent architecture and enforcement across AWS, Azure, GCP, and OCI, procured and managed through a single AWS relationship, starting today. One console to begin. One bill. Every cloud covered. 

From best-of-breed to platform 

The best-of-breed versus platform debate in security is old and unresolved. Both sides have real arguments. Best-of-breed gives you depth. Platform gives you coherence. For most of this industry’s history, you had to pick. 

Security Hub Extended points at a third option: a platform composed of best-of-breed. 

Platforms are built, not announced, and this one will take time. But the direction is clear, and Native sits at the center of how it plays out in cloud security. Visibility and detection across the Security Hub Extended ecosystem flow into Native. Native becomes the enforcement layer that turns those signals into architecture. 

A few examples of what the connected picture looks like: 

• CSPM tells you where the posture risk is. Native translates that signal into architecture that eliminates the class of risk, rather than generating another remediation ticket. 

• DSPM signals where sensitive data lives. Native enforces the architectural boundaries that keep it protected by design. That means managing third-party access, restricting destructive operations, and ensuring your AI applications aren't training on data they shouldn't touch. 

• Threat detection flags an actor technique targeting cloud environments, say, a new pattern of cross-account role abuse or a credential-theft chain exploiting instance metadata. Native adapts the architecture, tightens the boundaries, and closes the pathway across the estate before it gets exercised in your account. 

• AI governance identifies the agents making infrastructure changes in your environment. Native architects the environment to ensure these agents don’t bring down your production applications. 

• Visibility feeds Native. Native enforces. That’s the shape of the platform. 

Why now 

The timing isn’t coincidental. AI is rewriting both sides of the security equation. Code is being written faster, infrastructure is changing faster, and attackers have access to the same acceleration. The operating model that carried cloud security through the last decade, or the “find things and fix them” mentality, does not survive in this new reality. 

Security has to come together. It has to be best-in-class. It has to be frictionless for the teams building and operating. And the shift from seeing to enforcing has to happen now, not in three years. 

That’s what Native delivers. That’s what Security Hub Extended makes accessible. 

Getting started 

Every AWS customer activating Native through Security Hub Extended gets a 30-day free trial. That’s 30 days of full visibility into the current state of your security architecture and preventative controls across every cloud you run. That includes full product access to start improving those controls, optimizing the ones already in place, and replicating what works in one cloud across the others with just a few simple clicks.  

Get started with Native on Security Hub Extended.