AWS securityhub documentation change
Summary
Added new controls ECS.17 (host network mode) and RDS.42 (CloudWatch logging), and fixed punctuation in a link
Security assessment
Introduces new security controls for ECS and RDS as part of NIST compliance documentation. While these address security best practices, there is no evidence of a specific patched vulnerability.
Diff
diff --git a/securityhub/latest/userguide/nist-standard.md b/securityhub/latest/userguide/nist-standard.md index 6bb23fa61..76bac7f54 100644 --- a//securityhub/latest/userguide/nist-standard.md +++ b//securityhub/latest/userguide/nist-standard.md @@ -205 +205 @@ For more information about NIST SP 800-53 Rev. 5, see the [NIST Computer Securit -[[ECS.1] Amazon ECS task definitions should have secure networking modes and user definitions.](./ecs-controls.html#ecs-1) +[[ECS.1] Amazon ECS task definitions should have secure networking modes and user definitions](./ecs-controls.html#ecs-1) @@ -222,0 +223,2 @@ For more information about NIST SP 800-53 Rev. 5, see the [NIST Computer Securit +[[ECS.17] ECS task definitions should not use host network mode](./ecs-controls.html#ecs-17) + @@ -494,0 +497,2 @@ For more information about NIST SP 800-53 Rev. 5, see the [NIST Computer Securit +[[RDS.42] RDS for MariaDB DB instances should publish logs to CloudWatch Logs](./rds-controls.html#rds-42) +