AWS Security ChangesHomeSearch

AWS securityhub documentation change

Service: securityhub · 2025-02-27 · Documentation low

File: securityhub/latest/userguide/doc-history.md

Summary

Updated documentation history with new security controls and clarified release timing information. Added 11 new security controls and RSS feed subscription note.

Security assessment

The changes add documentation about new security controls but do not indicate they are addressing specific security vulnerabilities or incidents.

Diff

diff --git a/securityhub/latest/userguide/doc-history.md
index cc94ede16..3e41af89e 100644
--- a/securityhub/latest/userguide/doc-history.md
+++ b/securityhub/latest/userguide/doc-history.md
@@ -7 +7 @@
-The following table describes the updates to the documentation for AWS Security Hub.
+The following table describes the important changes to the documentation since the last release of AWS Security Hub. For security control releases, the date specifies when the controls begin to be available in supported AWS Regions. It can take 1–2 weeks for controls to be available in all supported Regions.
@@ -9,3 +9 @@ The following table describes the updates to the documentation for AWS Security
-###### Note
-
-For security control releases, the date specified is the date when the controls are available in all accounts and Regions. It can take 1-2 weeks for controls to reach all accounts and Regions.
+For notification about updates to the _AWS Security Hub User Guide_ , you can subscribe to an RSS feed.
@@ -15,0 +14,15 @@ Updates to control findings| Security Hub now generates `WARNING` findings for a
+New security controls| Security Hub released 11 new controls. The controls are:
+
+  * [[Connect.2] Amazon Connect instances should have CloudWatch logging enabled](./connect-controls.html#connect-2)
+  * [[ECR.5] ECR repositories should be encrypted with customer managed AWS KMS keys](./ecr-controls.html#ecr-5)
+  * [[ELB.17] Application and Network Load Balancers with listeners should use recommended security policies](./elb-controls.html#elb-17)
+  * [[Glue.4] AWS Glue Spark jobs should run on supported versions of AWS Glue](./glue-controls.html#glue-4)
+  * [[GuardDuty.11] GuardDuty Runtime Monitoring should be enabled](./guardduty-controls.html#guardduty-11)
+  * [[GuardDuty.12] GuardDuty ECS Runtime Monitoring should be enabled](./guardduty-controls.html#guardduty-12)
+  * [[GuardDuty.13] GuardDuty EC2 Runtime Monitoring should be enabled](./guardduty-controls.html#guardduty-13)
+  * [[NetworkFirewall.10] Network Firewall firewalls should have subnet change protection enabled](./networkfirewall-controls.html#networkfirewall-10)
+  * [[RDS.40] RDS for SQL Server DB instances should publish logs to CloudWatch Logs](./rds-controls.html#rds-40)
+  * [[SQS.3] SQS queue access policies should not allow public access](./sqs-controls.html#sqs-3)
+  * [[Transfer.3] Transfer Family connectors should have logging enabled](./transfer-controls.html#transfer-3)
+
+| February 24, 2025