AWS securityhub documentation change
Summary
Updated documentation to consistently reference 'Security Hub CSPM' instead of 'Security Hub' throughout the file, including console references and configuration steps
Security assessment
The changes emphasize CSPM (Cloud Security Posture Management) capabilities but do not address any specific vulnerability or security incident. This appears to be branding/terminology clarification rather than addressing a security flaw. CSPM itself is a security feature category, so documentation updates about it qualify as adding security documentation.
Diff
diff --git a/securityhub/latest/userguide/orgs-accounts-enable.md b/securityhub/latest/userguide/orgs-accounts-enable.md index d009f67d8..d5cccbcb2 100644 --- a//securityhub/latest/userguide/orgs-accounts-enable.md +++ b//securityhub/latest/userguide/orgs-accounts-enable.md @@ -3 +3 @@ -[Documentation](/index.html)[AWS Security Hub](/securityhub/index.html)[User Guide](what-is-securityhub.html) +[Documentation](/index.html)[AWS Security Hub](/securityhub/index.html)[ User Guide ](what-is-security-hub-adv.html) @@ -5 +5 @@ -# Manually enabling Security Hub in new organization accounts +# Manually enabling Security Hub CSPM in new organization accounts @@ -7 +7 @@ -If you don't automatically enable Security Hub in new organization accounts when they join the organization, then you can add those accounts as members and enable Security Hub in them manually after they join the organization. You must also manually enable Security Hub in AWS accounts that you previously disassociated from an organization. +If you don't automatically enable Security Hub CSPM in new organization accounts when they join the organization, then you can add those accounts as members and enable Security Hub CSPM in them manually after they join the organization. You must also manually enable Security Hub CSPM in AWS accounts that you previously disassociated from an organization. @@ -11 +11 @@ If you don't automatically enable Security Hub in new organization accounts when -This section doesn't apply to you if you use [central configuration](./central-configuration-intro.html). If you use central configuration, you can create configuration policies that enable Security Hub in specified member accounts and organizational units (OUs). You can also enable specific standards and controls in those accounts and OUs. +This section doesn't apply to you if you use [central configuration](./central-configuration-intro.html). If you use central configuration, you can create configuration policies that enable Security Hub CSPM in specified member accounts and organizational units (OUs). You can also enable specific standards and controls in those accounts and OUs. @@ -13 +13 @@ This section doesn't apply to you if you use [central configuration](./central-c -You can't enable Security Hub in an account if it is already a member account within a different organization. +You can't enable Security Hub CSPM in an account if it is already a member account within a different organization. @@ -15 +15 @@ You can't enable Security Hub in an account if it is already a member account wi -You also can't enable Security Hub in an account that is currently suspended. If you try to enable the service in a suspended account, the account status changes to **Account Suspended**. +You also can't enable Security Hub CSPM in an account that is currently suspended. If you try to enable the service in a suspended account, the account status changes to **Account Suspended**. @@ -17 +17 @@ You also can't enable Security Hub in an account that is currently suspended. If - * If the account doesn't have Security Hub enabled, Security Hub is enabled in that account. The AWS Foundational Security Best Practices (FSBP) standard and CIS AWS Foundations Benchmark v1.2.0 also are enabled in the account unless your turn off default security standards. + * If the account doesn't have Security Hub CSPM enabled, Security Hub CSPM is enabled in that account. The AWS Foundational Security Best Practices (FSBP) standard and CIS AWS Foundations Benchmark v1.2.0 also are enabled in the account unless your turn off default security standards. @@ -19 +19 @@ You also can't enable Security Hub in an account that is currently suspended. If -The exception to this is the Organizations management account. Security Hub cannot be enabled automatically in the Organizations management account. You must manually enable Security Hub in the Organizations management account before you can add it as a member account. +The exception to this is the Organizations management account. Security Hub CSPM cannot be enabled automatically in the Organizations management account. You must manually enable Security Hub CSPM in the Organizations management account before you can add it as a member account. @@ -21 +21 @@ The exception to this is the Organizations management account. Security Hub cann - * If the account already has Security Hub enabled, Security Hub doesn't make any other changes to the account. It only enables the membership. + * If the account already has Security Hub CSPM enabled, Security Hub CSPM doesn't make any other changes to the account. It only enables the membership. @@ -26 +26 @@ The exception to this is the Organizations management account. Security Hub cann -In order for Security Hub to generate control findings, member accounts must have AWS Config enabled and configured to record required resources. For more information, see [Enabling and configuring AWS Config](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-prereq-config.html). +In order for Security Hub CSPM to generate control findings, member accounts must have AWS Config enabled and configured to record required resources. For more information, see [Enabling and configuring AWS Config](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-prereq-config.html). @@ -28 +28 @@ In order for Security Hub to generate control findings, member accounts must hav -Choose your preferred method, and follow the steps to enable an organization account as a Security Hub member account. +Choose your preferred method, and follow the steps to enable an organization account as a Security Hub CSPM member account. @@ -30 +30 @@ Choose your preferred method, and follow the steps to enable an organization acc -Security Hub console +Security Hub CSPM console @@ -33 +33 @@ Security Hub console -###### To manually enable organization accounts as Security Hub members +###### To manually enable organization accounts as Security Hub CSPM members @@ -35 +35 @@ Security Hub console - 1. Open the AWS Security Hub console at [https://console.aws.amazon.com/securityhub/](https://console.aws.amazon.com/securityhub/). + 1. Open the AWS Security Hub Cloud Security Posture Management (CSPM) console at [https://console.aws.amazon.com/securityhub/](https://console.aws.amazon.com/securityhub/). @@ -39 +39 @@ Sign in using the credentials of the delegated administrator account. - 2. In the Security Hub navigation pane, under **Settings** , choose **Configuration**. + 2. In the Security Hub CSPM navigation pane, under **Settings** , choose **Configuration**. @@ -48 +48 @@ Sign in using the credentials of the delegated administrator account. -Security Hub API +Security Hub CSPM API @@ -51 +51 @@ Security Hub API -**To manually enable organization accounts as Security Hub members** +**To manually enable organization accounts as Security Hub CSPM members** @@ -60 +60 @@ AWS CLI -**To manually enable organization accounts as Security Hub members** +**To manually enable organization accounts as Security Hub CSPM members** @@ -80 +80 @@ To use the Amazon Web Services Documentation, Javascript must be enabled. Please -Automatically enabling Security Hub in new accounts +Automatically enabling Security Hub CSPM in new accounts