AWS Security ChangesHomeSearch

AWS securityhub documentation change

Service: securityhub · 2025-06-19 · Documentation low

File: securityhub/latest/userguide/securityhub-standards-control-details.md

Summary

Updated documentation to reflect rebranding of 'Security Hub' to 'Security Hub CSPM' (Cloud Security Posture Management) across console references, API/CLI terminology, and links. Added CSPM-specific context to control details and navigation instructions.

Security assessment

Changes are purely terminological updates (Security Hub → Security Hub CSPM) and documentation link adjustments. No evidence of addressing vulnerabilities, security incidents, or introducing new security capabilities. Updates appear to align with product naming conventions rather than security fixes.

Diff

diff --git a/securityhub/latest/userguide/securityhub-standards-control-details.md b/securityhub/latest/userguide/securityhub-standards-control-details.md
index 51854f48c..99865cf9b 100644
--- a//securityhub/latest/userguide/securityhub-standards-control-details.md
+++ b//securityhub/latest/userguide/securityhub-standards-control-details.md
@@ -3 +3 @@
-[Documentation](/index.html)[AWS Security Hub](/securityhub/index.html)[User Guide](what-is-securityhub.html)
+[Documentation](/index.html)[AWS Security Hub](/securityhub/index.html)[ User Guide ](what-is-security-hub-adv.html)
@@ -7 +7 @@ Viewing details for a control
-# Reviewing the details of controls
+# Reviewing the details of controls in Security Hub CSPM
@@ -9 +9 @@ Viewing details for a control
-Selecting an AWS Security Hub control on the **Controls** page or standard details page of the Security Hub console takes you to a page of control details.
+Selecting an AWS Security Hub Cloud Security Posture Management (CSPM) control on the **Controls** page or standard details page of the Security Hub CSPM console takes you to a page of control details.
@@ -11 +11 @@ Selecting an AWS Security Hub control on the **Controls** page or standard detai
-The top of the control details page tells you the control status. The control status summarizes the performance of a control based on the compliance status of the control findings. Security Hub typically generates the initial control status within 30 minutes after your first visit to the **Summary** page or **Security standards** page on the Security Hub console. Statuses are only available for controls that are enabled when you visit those pages.
+The top of the control details page tells you the control status. The control status summarizes the performance of a control based on the compliance status of the control findings. Security Hub CSPM typically generates the initial control status within 30 minutes after your first visit to the **Summary** page or **Security standards** page on the Security Hub CSPM console. Statuses are only available for controls that are enabled when you visit those pages.
@@ -13 +13 @@ The top of the control details page tells you the control status. The control st
-The control details page also provides a breakdown of the compliance status of the control findings in the last 24 hours. For more information about control status and compliance status, see [Evaluating compliance status and control status in Security Hub](./controls-overall-status.html).
+The control details page also provides a breakdown of the compliance status of the control findings in the last 24 hours. For more information about control status and compliance status, see [Evaluating compliance status and control status](./controls-overall-status.html).
@@ -15 +15 @@ The control details page also provides a breakdown of the compliance status of t
-AWS Config resource recording must be configured for the control status to appear. After control statuses are generated for the first time, Security Hub updates the control status every 24 hours based on the findings from the previous 24 hours.
+AWS Config resource recording must be configured for the control status to appear. After control statuses are generated for the first time, Security Hub CSPM updates the control status every 24 hours based on the findings from the previous 24 hours.
@@ -17 +17 @@ AWS Config resource recording must be configured for the control status to appea
-Administrator accounts see an aggregated control status across the administrator account and member accounts. If you have set an aggregation Region, the control status includes findings across all linked Regions. For more information about control status, see [Evaluating compliance status and control status in Security Hub](./controls-overall-status.html).
+Administrator accounts see an aggregated control status across the administrator account and member accounts. If you have set an aggregation Region, the control status includes findings across all linked Regions. For more information about control status, see [Evaluating compliance status and control status](./controls-overall-status.html).
@@ -27 +27 @@ The **Standards and Requirements** tab lists the standards that a control can be
-The **Checks** tab lists the active findings for the control in the last 24 hours. Control findings are generated when Security Hub runs security checks against the control. The control finding list doesn't include archived findings.
+The **Checks** tab lists the active findings for the control in the last 24 hours. Control findings are generated when Security Hub CSPM runs security checks against the control. The control finding list doesn't include archived findings.
@@ -29 +29 @@ The **Checks** tab lists the active findings for the control in the last 24 hour
-For each finding, the list provides access to finding details such as the compliance status and related resource. You can also set the workflow status of each finding and send findings to custom actions. For more information, see [Reviewing and managing control findings](./securityhub-control-manage-findings.html).
+For each finding, the list provides access to finding details such as the compliance status and related resource. You can also set the workflow status of each finding and send findings to custom actions. For more information, see [Reviewing and managing control findings in Security Hub CSPM](./securityhub-control-manage-findings.html).
@@ -43 +43 @@ Choose your preferred access method, and follow these steps to view details for
-  * (On the console) A list of recent findings for the control. When using the Security Hub API or AWS CLI, use [`GetFindings`](https://docs.aws.amazon.com/securityhub/latest/userguide/finding-retrieve-api-cli.html) to retrieve control findings.
+  * (On the console) A list of recent findings for the control. When using the Security Hub CSPM API or AWS CLI, use [`GetFindings`](https://docs.aws.amazon.com/securityhub/latest/userguide/finding-retrieve-api-cli.html) to retrieve control findings.
@@ -48 +48 @@ Choose your preferred access method, and follow these steps to view details for
-Security Hub console
+Security Hub CSPM console
@@ -51 +51 @@ Security Hub console
-  1. Open the AWS Security Hub console at [https://console.aws.amazon.com/securityhub/](https://console.aws.amazon.com/securityhub/).
+  1. Open the AWS Security Hub Cloud Security Posture Management (CSPM) console at [https://console.aws.amazon.com/securityhub/](https://console.aws.amazon.com/securityhub/).
@@ -60 +60 @@ Security Hub console
-Security Hub API
+Security Hub CSPM API
@@ -63 +63 @@ Security Hub API
-  1. Run `[`ListSecurityControlDefinitions`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_ListSecurityControlDefinitions.html)`, and provide one or more standard ARNs to get a list of control IDs for that standard. To obtain standard ARNs, run [`DescribeStandards`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html). If you don't provide a standard ARN, this API returns all Security Hub control IDs. This API returns standard-agnostic security control IDs, not the standard-based control IDs that existed prior to these feature releases.
+  1. Run `[`ListSecurityControlDefinitions`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_ListSecurityControlDefinitions.html)`, and provide one or more standard ARNs to get a list of control IDs for that standard. To obtain standard ARNs, run [`DescribeStandards`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html). If you don't provide a standard ARN, this API returns all Security Hub CSPM control IDs. This API returns standard-agnostic security control IDs, not the standard-based control IDs that existed prior to these feature releases.
@@ -85 +85 @@ AWS CLI
-  1. Run the `[`list-security-control-definitions`](https://docs.aws.amazon.com/cli/latest/reference/securityhub/list-security-control-definitions.html)` command, and provide one or more standard ARNs to get a list of control IDs. To obtain standard ARNs, run the `describe-standards` command. If you don't provide a standard ARN, this command returns all Security Hub control IDs. This command returns standard-agnostic security control IDs, not the standard-based control IDs that existed prior to these feature releases.
+  1. Run the `[`list-security-control-definitions`](https://docs.aws.amazon.com/cli/latest/reference/securityhub/list-security-control-definitions.html)` command, and provide one or more standard ARNs to get a list of control IDs. To obtain standard ARNs, run the `describe-standards` command. If you don't provide a standard ARN, this command returns all Security Hub CSPM control IDs. This command returns standard-agnostic security control IDs, not the standard-based control IDs that existed prior to these feature releases.