Activate Amazon GuardDuty in each production account, aggregate all GuardDuty logs in a dedicated logging account, and configure GuardDuty to invoke an AWS Lambda function directly for remediation. The Lambda function should also be set up to publish notifications to the SNS topic.

Activate AWS Security Hub in each production account, aggregate all Security Hub findings in a dedicated logging account, and use AWS Config and AWS Systems Manager for remediation. Systems Manager should be configured to publish notifications to the SNS topic.

Activate Amazon GuardDuty in each production account, aggregate all GuardDuty logs in a dedicated logging account, and use Amazon EventBridge to invoke a custom AWS Lambda function from GuardDuty findings for remediation. The Lambda function should be configured to publish notifications to the SNS topic.

Activate AWS Security Hub in each production account, aggregate all Security Hub findings in a dedicated logging account, and use Amazon EventBridge to invoke a custom AWS Lambda function from Security Hub findings for remediation. The Lambda function should be configured to publish notifications to the SNS topic.