AWS securityhub documentation change
Summary
Added CloudTrail.10 and Redshift Serverless controls related to KMS encryption and default database names
Security assessment
Documents new NIST-aligned controls for encryption management and default configuration hardening. These represent proactive security guidance rather than fixes for existing vulnerabilities.
Diff
diff --git a/securityhub/latest/userguide/nist-standard.md b/securityhub/latest/userguide/nist-standard.md index 996242b33..b91c91075 100644 --- a//securityhub/latest/userguide/nist-standard.md +++ b//securityhub/latest/userguide/nist-standard.md @@ -84,0 +85,2 @@ For more information about NIST SP 800-53 Rev. 5, see the [NIST Computer Securit +[[CloudTrail.10] CloudTrail Lake event data stores should be encrypted with customer managed AWS KMS keys](./cloudtrail-controls.html#cloudtrail-10) + @@ -516,0 +519,4 @@ For more information about NIST SP 800-53 Rev. 5, see the [NIST Computer Securit +[[RedshiftServerless.4] Redshift Serverless namespaces should be encrypted with customer managed AWS KMS keys](./redshiftserverless-controls.html#redshiftserverless-4) + +[[RedshiftServerless.7] Redshift Serverless namespaces should not use the default database name](./redshiftserverless-controls.html#redshiftserverless-7) +