AWS securityhub documentation change
Summary
Updated documentation to consistently reference 'Security Hub CSPM' instead of generic 'Security Hub', including API references, console references, and integration examples. Added CSPM branding to documentation links and blog post references.
Security assessment
Changes primarily involve branding updates (adding CSPM references) and documentation link updates. No specific security vulnerabilities or weaknesses are addressed. The updates clarify the service context but don't introduce new security features or address known security issues.
Diff
diff --git a/securityhub/latest/userguide/securityhub-custom-providers.md b/securityhub/latest/userguide/securityhub-custom-providers.md index 47b5f1df1..4fbb5d431 100644 --- a//securityhub/latest/userguide/securityhub-custom-providers.md +++ b//securityhub/latest/userguide/securityhub-custom-providers.md @@ -3 +3 @@ -[Documentation](/index.html)[AWS Security Hub](/securityhub/index.html)[User Guide](what-is-securityhub.html) +[Documentation](/index.html)[AWS Security Hub](/securityhub/index.html)[ User Guide ](what-is-security-hub-adv.html) @@ -7 +7 @@ Requirements and recommendations for custom product integrationsUpdating finding -# Integrating Security Hub with custom products +# Integrating Security Hub CSPM with custom products @@ -9 +9 @@ Requirements and recommendations for custom product integrationsUpdating finding -In addition to findings generated by integrated AWS services and third-party products, AWS Security Hub can consume findings that are generated by other custom security products. +In addition to findings generated by integrated AWS services and third-party products, AWS Security Hub Cloud Security Posture Management (CSPM) can consume findings that are generated by other custom security products. @@ -11 +11 @@ In addition to findings generated by integrated AWS services and third-party pro -You can send these findings to Security Hub by using the [BatchImportFindings](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchImportFindings.html) operation of the Security Hub API. You can use the same operation to update findings from custom products that you already sent to Security Hub. +You can send these findings to Security Hub CSPM by using the [BatchImportFindings](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchImportFindings.html) operation of the Security Hub CSPM API. You can use the same operation to update findings from custom products that you already sent to Security Hub CSPM. @@ -13 +13 @@ You can send these findings to Security Hub by using the [BatchImportFindings](h -When setting up the custom integration, use the [guidelines and checklists](https://docs.aws.amazon.com/securityhub/latest/partnerguide/integration-guidelines-checklists.html) provided in the _Security Hub Partner Integration Guide_. +When setting up the custom integration, use the [guidelines and checklists](https://docs.aws.amazon.com/securityhub/latest/partnerguide/integration-guidelines-checklists.html) provided in the _Security Hub CSPM Partner Integration Guide_. @@ -17 +17 @@ When setting up the custom integration, use the [guidelines and checklists](http -Before you can successfully invoke the [`BatchImportFindings`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchImportFindings.html) API operation, you must enable Security Hub. +Before you can successfully invoke the [`BatchImportFindings`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchImportFindings.html) API operation, you must enable Security Hub CSPM. @@ -24 +24 @@ You must also provide finding details for the custom product using the [AWS Secu -When you enable Security Hub, a default product Amazon Resource Name (ARN) for Security Hub is generated in your current account. +When you enable Security Hub CSPM, a default product Amazon Resource Name (ARN) for Security Hub CSPM is generated in your current account. @@ -33 +33 @@ Use this product ARN as the value for the [`ProductArn`](https://docs.aws.amazon -You can use `BatchImportFindings` to set a preferred company name and product name for the custom integration that is sending findings to Security Hub. +You can use `BatchImportFindings` to set a preferred company name and product name for the custom integration that is sending findings to Security Hub CSPM. @@ -35 +35 @@ You can use `BatchImportFindings` to set a preferred company name and product na -Your specified names replace the preconfigured company name and product name, called personal name and default name respectively, and appear in the Security Hub console and the JSON of each finding. See [BatchImportFindings for finding providers](./finding-update-batchimportfindings.html). +Your specified names replace the preconfigured company name and product name, called personal name and default name respectively, and appear in the Security Hub CSPM console and the JSON of each finding. See [BatchImportFindings for finding providers](./finding-update-batchimportfindings.html). @@ -42 +42 @@ You must supply, manage, and increment your own finding IDs, using the [`Id`](ht -Each new finding should have a unique finding ID. If the custom product sends multiple findings with the same finding ID, Security Hub only processes the first finding. +Each new finding should have a unique finding ID. If the custom product sends multiple findings with the same finding ID, Security Hub CSPM only processes the first finding. @@ -64 +64 @@ You can use the following example custom product integrations as a guide to crea -**Sending findings from Chef InSpec scans to Security Hub** +**Sending findings from Chef InSpec scans to Security Hub CSPM** @@ -67 +67 @@ You can use the following example custom product integrations as a guide to crea -You can create an AWS CloudFormation template that runs a Chef InSpec compliance scan and then sends findings to Security Hub. +You can create an AWS CloudFormation template that runs a Chef InSpec compliance scan and then sends findings to Security Hub CSPM. @@ -69 +69 @@ You can create an AWS CloudFormation template that runs a Chef InSpec compliance -For more details, see [Continuous compliance monitoring with Chef InSpec and AWS Security Hub](https://aws.amazon.com/blogs/security/continuous-compliance-monitoring-with-chef-inspec-and-aws-security-hub/). +For more details, see [Continuous compliance monitoring with Chef InSpec and AWS Security Hub Cloud Security Posture Management (CSPM)](https://aws.amazon.com/blogs/security/continuous-compliance-monitoring-with-chef-inspec-and-aws-security-hub/). @@ -71 +71 @@ For more details, see [Continuous compliance monitoring with Chef InSpec and AWS -**Sending container vulnerabilities detected by Trivy to Security Hub** +**Sending container vulnerabilities detected by Trivy to Security Hub CSPM** @@ -74 +74 @@ For more details, see [Continuous compliance monitoring with Chef InSpec and AWS -You can create an AWS CloudFormation template that uses AquaSecurity Trivy to scan containers for vulnerabilities, and then sends those vulnerability findings to Security Hub. +You can create an AWS CloudFormation template that uses AquaSecurity Trivy to scan containers for vulnerabilities, and then sends those vulnerability findings to Security Hub CSPM. @@ -76 +76 @@ You can create an AWS CloudFormation template that uses AquaSecurity Trivy to sc -For more details, see [How to build a CI/CD pipeline for container vulnerability scanning with Trivy andAWS Security Hub](https://aws.amazon.com/blogs/security/how-to-build-ci-cd-pipeline-container-vulnerability-scanning-trivy-and-aws-security-hub/). +For more details, see [How to build a CI/CD pipeline for container vulnerability scanning with Trivy andAWS Security Hub Cloud Security Posture Management (CSPM)](https://aws.amazon.com/blogs/security/how-to-build-ci-cd-pipeline-container-vulnerability-scanning-trivy-and-aws-security-hub/). @@ -86 +86 @@ Third-party integrations -Findings +CSPM findings