AWS securityhub documentation change
Summary
Updated documentation to reflect rebranding from 'Security Hub' to 'Security Hub CSPM' (Cloud Security Posture Management) throughout the file. Changed terminology, console references, API/CLI command contexts, and integration descriptions to emphasize CSPM capabilities.
Security assessment
The changes focus on rebranding and clarifying the CSPM aspect of Security Hub, which is inherently security-related as it deals with posture management. However, there is no evidence of addressing a specific security vulnerability or incident. The updates enhance documentation about existing security features rather than introducing new ones.
Diff
diff --git a/securityhub/latest/userguide/securityhub-settingup.md b/securityhub/latest/userguide/securityhub-settingup.md index ed4d7c52f..998011bb5 100644 --- a//securityhub/latest/userguide/securityhub-settingup.md +++ b//securityhub/latest/userguide/securityhub-settingup.md @@ -3 +3 @@ -[Documentation](/index.html)[AWS Security Hub](/securityhub/index.html)[User Guide](what-is-securityhub.html) +[Documentation](/index.html)[AWS Security Hub](/securityhub/index.html)[ User Guide ](what-is-security-hub-adv.html) @@ -5 +5 @@ -Verifying necessary permissionsEnabling Security Hub with Organizations integrationEnabling Security Hub manuallyNext steps: Posture management and integrations +Verifying necessary permissionsEnabling Security Hub CSPM with Organizations integrationEnabling Security Hub CSPM manuallyNext steps: Posture management and integrations @@ -7 +7 @@ Verifying necessary permissionsEnabling Security Hub with Organizations integrat -# Enabling Security Hub +# Enabling Security Hub CSPM @@ -9 +9 @@ Verifying necessary permissionsEnabling Security Hub with Organizations integrat -There are two ways to enable AWS Security Hub, by integrating with AWS Organizations or manually. +There are two ways to enable AWS Security Hub Cloud Security Posture Management (CSPM), by integrating with AWS Organizations or manually. @@ -11 +11 @@ There are two ways to enable AWS Security Hub, by integrating with AWS Organizat -We strongly recommend integrating with Organizations for multi-account and multi-Region environments. If you have a standalone account, it's necessary to set up Security Hub manually. +We strongly recommend integrating with Organizations for multi-account and multi-Region environments. If you have a standalone account, it's necessary to set up Security Hub CSPM manually. @@ -15 +15 @@ We strongly recommend integrating with Organizations for multi-account and multi -After you sign up for Amazon Web Services (AWS), you must enable Security Hub to use its capabilities and features. To enable Security Hub, you first have to set up permissions that allow you to access the Security Hub console and API operations. You or your AWS administrator can do this by using AWS Identity and Access Management (IAM) to attach the AWS managed policy called `AWSSecurityHubFullAccess` to your IAM identity. +After you sign up for Amazon Web Services (AWS), you must enable Security Hub CSPM to use its capabilities and features. To enable Security Hub CSPM, you first have to set up permissions that allow you to access the Security Hub CSPM console and API operations. You or your AWS administrator can do this by using AWS Identity and Access Management (IAM) to attach the AWS managed policy called `AWSSecurityHubFullAccess` to your IAM identity. @@ -17 +17 @@ After you sign up for Amazon Web Services (AWS), you must enable Security Hub to -To enable and manage Security Hub through the Organizations integration, you also should attach the AWS managed policy called `AWSSecurityHubOrganizationsAccess`. +To enable and manage Security Hub CSPM through the Organizations integration, you also should attach the AWS managed policy called `AWSSecurityHubOrganizationsAccess`. @@ -19 +19 @@ To enable and manage Security Hub through the Organizations integration, you als -For more information, see [AWS managed policies for AWS Security Hub](./security-iam-awsmanpol.html). +For more information, see [AWS managed policies for Security Hub](./security-iam-awsmanpol.html). @@ -21 +21 @@ For more information, see [AWS managed policies for AWS Security Hub](./security -## Enabling Security Hub with Organizations integration +## Enabling Security Hub CSPM with Organizations integration @@ -23 +23 @@ For more information, see [AWS managed policies for AWS Security Hub](./security -To start using Security Hub with AWS Organizations, the AWS Organizations management account for the organization designates an account as the delegated Security Hub administrator account for the organization. Security Hub is automatically enabled in the delegated administrator account in the current Region. +To start using Security Hub CSPM with AWS Organizations, the AWS Organizations management account for the organization designates an account as the delegated Security Hub CSPM administrator account for the organization. Security Hub CSPM is automatically enabled in the delegated administrator account in the current Region. @@ -27 +27 @@ Choose your preferred method, and follow the steps to designate the delegated ad -Security Hub console +Security Hub CSPM console @@ -30 +30 @@ Security Hub console -###### To designate the delegated Security Hub administrator when onboarding +###### To designate the delegated Security Hub CSPM administrator when onboarding @@ -32 +32 @@ Security Hub console - 1. Open the AWS Security Hub console at [https://console.aws.amazon.com/securityhub/](https://console.aws.amazon.com/securityhub/). + 1. Open the AWS Security Hub Cloud Security Posture Management (CSPM) console at [https://console.aws.amazon.com/securityhub/](https://console.aws.amazon.com/securityhub/). @@ -34 +34 @@ Security Hub console - 2. Choose **Go to Security Hub**. You're prompted to sign in to the Organizations management account. + 2. Choose **Go to Security Hub CSPM**. You're prompted to sign in to the Organizations management account. @@ -43 +43 @@ Security Hub console -Security Hub API +Security Hub CSPM API @@ -46 +46 @@ Security Hub API -Invoke the [`EnableOrganizationAdminAccount`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_EnableOrganizationAdminAccount.html) API from the Organizations management account. Provide the AWS account ID of the Security Hub delegated administrator account. +Invoke the [`EnableOrganizationAdminAccount`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_EnableOrganizationAdminAccount.html) API from the Organizations management account. Provide the AWS account ID of the Security Hub CSPM delegated administrator account. @@ -51 +51 @@ AWS CLI -Run the [`enable-organization-admin-account`](https://docs.aws.amazon.com/cli/latest/reference/securityhub/enable-organization-admin-account.html) command from the Organizations management account. Provide the AWS account ID of the Security Hub delegated administrator account. +Run the [`enable-organization-admin-account`](https://docs.aws.amazon.com/cli/latest/reference/securityhub/enable-organization-admin-account.html) command from the Organizations management account. Provide the AWS account ID of the Security Hub CSPM delegated administrator account. @@ -58 +58 @@ Run the [`enable-organization-admin-account`](https://docs.aws.amazon.com/cli/la -For more information about the integration with Organizations, see [Integrating Security Hub with AWS Organizations](./designate-orgs-admin-account.html). +For more information about the integration with Organizations, see [Integrating Security Hub CSPM with AWS Organizations](./designate-orgs-admin-account.html). @@ -62 +62 @@ For more information about the integration with Organizations, see [Integrating -When you integrate Security Hub and Organizations, you have the option to use a feature called [central configuration](./central-configuration-intro.html) to set up and manage Security Hub for your organization. We strongly recommend using central configuration because it lets the administrator customize security coverage for the organization. Where appropriate, the delegated administrator can allow a member account to configure its own security coverage settings. +When you integrate Security Hub CSPM and Organizations, you have the option to use a feature called [central configuration](./central-configuration-intro.html) to set up and manage Security Hub CSPM for your organization. We strongly recommend using central configuration because it lets the administrator customize security coverage for the organization. Where appropriate, the delegated administrator can allow a member account to configure its own security coverage settings. @@ -64 +64 @@ When you integrate Security Hub and Organizations, you have the option to use a -Central configuration lets the delegated administrator configure Security Hub across accounts, OUs, and AWS Regions. The delegated administrator configures Security Hub by creating configuration policies. Within a configuration policy, you can specify the following settings: +Central configuration lets the delegated administrator configure Security Hub CSPM across accounts, OUs, and AWS Regions. The delegated administrator configures Security Hub CSPM by creating configuration policies. Within a configuration policy, you can specify the following settings: @@ -66 +66 @@ Central configuration lets the delegated administrator configure Security Hub ac - * Whether Security Hub is enabled or disabled + * Whether Security Hub CSPM is enabled or disabled @@ -81 +81 @@ Member accounts and OUs that use a configuration policy are _centrally managed_ -If you don't use central configuration, you must largely configure Security Hub separately in each account and Region. This is called [local configuration](./local-configuration.html). Under local configuration, the delegated administrator can automatically enable Security Hub and a limited set of security standards in new organization accounts in the current Region. Local configuration doesn't apply to existing organization accounts or to Regions other than the current Region. Local configuration also doesn't support the use of configuration policies. +If you don't use central configuration, you must largely configure Security Hub CSPM separately in each account and Region. This is called [local configuration](./local-configuration.html). Under local configuration, the delegated administrator can automatically enable Security Hub CSPM and a limited set of security standards in new organization accounts in the current Region. Local configuration doesn't apply to existing organization accounts or to Regions other than the current Region. Local configuration also doesn't support the use of configuration policies. @@ -83 +83 @@ If you don't use central configuration, you must largely configure Security Hub -## Enabling Security Hub manually +## Enabling Security Hub CSPM manually @@ -85 +85 @@ If you don't use central configuration, you must largely configure Security Hub -You must enable Security Hub manually if you have a standalone account, or if you don't integrate with AWS Organizations. Standalone accounts can't integrate with AWS Organizations and must use manual enablement. +You must enable Security Hub CSPM manually if you have a standalone account, or if you don't integrate with AWS Organizations. Standalone accounts can't integrate with AWS Organizations and must use manual enablement. @@ -87 +87 @@ You must enable Security Hub manually if you have a standalone account, or if yo -When you enable Security Hub manually, you designate a Security Hub administrator account and invite other accounts to become member accounts. The administrator-member relationship is established when a prospective member account accepts the invitation. +When you enable Security Hub CSPM manually, you designate a Security Hub CSPM administrator account and invite other accounts to become member accounts. The administrator-member relationship is established when a prospective member account accepts the invitation. @@ -89 +89 @@ When you enable Security Hub manually, you designate a Security Hub administrato -Choose your preferred method, and follow the steps to enable Security Hub. When you enable Security Hub from the console, you also have the option to enable the supported security standards. +Choose your preferred method, and follow the steps to enable Security Hub CSPM. When you enable Security Hub CSPM from the console, you also have the option to enable the supported security standards. @@ -91 +91 @@ Choose your preferred method, and follow the steps to enable Security Hub. When -Security Hub console +Security Hub CSPM console @@ -94 +94 @@ Security Hub console - 1. Open the AWS Security Hub console at [https://console.aws.amazon.com/securityhub/](https://console.aws.amazon.com/securityhub/). + 1. Open the AWS Security Hub Cloud Security Posture Management (CSPM) console at [https://console.aws.amazon.com/securityhub/](https://console.aws.amazon.com/securityhub/). @@ -96 +96 @@ Security Hub console - 2. When you open the Security Hub console for the first time, choose **Go to Security Hub**. + 2. When you open the Security Hub CSPM console for the first time, choose **Go to Security Hub CSPM**. @@ -98 +98 @@ Security Hub console - 3. On the welcome page, the **Security standards** section lists the security standards that Security Hub supports. + 3. On the welcome page, the **Security standards** section lists the security standards that Security Hub CSPM supports. @@ -102 +102 @@ Select the check box for a standard to enable it, and clear the check box to dis -You can enable or disable a standard or its individual controls at any time. For information about managing security standards, see [Understanding security standards in Security Hub](./standards-view-manage.html). +You can enable or disable a standard or its individual controls at any time. For information about managing security standards, see [Understanding security standards in Security Hub CSPM](./standards-view-manage.html). @@ -109 +109 @@ You can enable or disable a standard or its individual controls at any time. For -Security Hub API +Security Hub CSPM API @@ -112 +112 @@ Security Hub API -Invoke the [`EnableSecurityHub`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_EnableSecurityHub.html) API. When you enable Security Hub from the API, it automatically enables the following default security standards: +Invoke the [`EnableSecurityHub`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_EnableSecurityHub.html) API. When you enable Security Hub CSPM from the API, it automatically enables the following default security standards: @@ -149 +149 @@ Run the [`enable-security-hub`](https://docs.aws.amazon.com/cli/latest/reference -Instead of this script, we recommend using central configuration to enable and configure Security Hub across multiple accounts and Regions. +Instead of this script, we recommend using central configuration to enable and configure Security Hub CSPM across multiple accounts and Regions. @@ -151 +151 @@ Instead of this script, we recommend using central configuration to enable and c -The [Security Hub multi-account enablement script in GitHub](https://github.com/awslabs/aws-securityhub-multiaccount-scripts) allows you to enable Security Hub across accounts and Regions. The script also automates the process of sending invitations to member accounts and enabling AWS Config. +The [Security Hub CSPM multi-account enablement script in GitHub](https://github.com/awslabs/aws-securityhub-multiaccount-scripts) allows you to enable Security Hub CSPM across accounts and Regions. The script also automates the process of sending invitations to member accounts and enabling AWS Config. @@ -155 +155 @@ The script automatically enables AWS Config resource recording for all resources -There is a corresponding script to disable Security Hub across accounts and Regions. +There is a corresponding script to disable Security Hub CSPM across accounts and Regions. @@ -159 +159 @@ There is a corresponding script to disable Security Hub across accounts and Regi -After enabling Security Hub, we recommend enabling security standards and controls to monitor your security posture. After you enable controls, Security Hub begins running security checks and generating control findings that help you detect misconfigurations in your AWS environment. To receive control findings, you must enable and configure AWS Config for Security Hub. For more information, see [Enabling and configuring AWS Config for Security Hub](./securityhub-setup-prereqs.html). +After enabling Security Hub CSPM, we recommend enabling security standards and controls to monitor your security posture. After you enable controls, Security Hub CSPM begins running security checks and generating control findings that help you detect misconfigurations in your AWS environment. To receive control findings, you must enable and configure AWS Config for Security Hub CSPM. For more information, see [Enabling and configuring AWS Config for Security Hub CSPM](./securityhub-setup-prereqs.html). @@ -161 +161 @@ After enabling Security Hub, we recommend enabling security standards and contro -After enabling Security Hub, you can also leverage integrations between Security Hub and other AWS services and third-party solutions to see their findings in Security Hub. Security Hub aggregates findings from different sources and ingests them in a consistent format. For more information, see [Understanding integrations in Security Hub](./securityhub-findings-providers.html). +After enabling Security Hub CSPM, you can also leverage integrations between Security Hub CSPM and other AWS services and third-party solutions to see their findings in Security Hub CSPM. Security Hub CSPM aggregates findings from different sources and ingests them in a consistent format. For more information, see [Understanding integrations in Security Hub CSPM](./securityhub-findings-providers.html). @@ -169 +169 @@ To use the Amazon Web Services Documentation, Javascript must be enabled. Please -Security Hub concepts +Security Hub CSPM concepts @@ -171 +171 @@ Security Hub concepts -Configuring AWS Config for Security Hub +Configuring AWS Config for Security Hub CSPM