AWS securityhub documentation change
Summary
Updated documentation to reflect rebranding of Security Hub's NIST SP 800-53 controls as part of Cloud Security Posture Management (CSPM). Changed references from 'Security Hub' to 'Security Hub CSPM' throughout the document and updated navigation links.
Security assessment
The changes primarily involve rebranding and clarifying that NIST SP 800-53 controls are part of the CSPM offering. There's no indication of addressing vulnerabilities or security incidents. Updates focus on product naming consistency rather than introducing new security features or addressing specific security flaws.
Diff
diff --git a/securityhub/latest/userguide/standards-reference-nist-800-53.md b/securityhub/latest/userguide/standards-reference-nist-800-53.md index 75e701b19..66fcc61d1 100644 --- a//securityhub/latest/userguide/standards-reference-nist-800-53.md +++ b//securityhub/latest/userguide/standards-reference-nist-800-53.md @@ -3 +3 @@ -[Documentation](/index.html)[AWS Security Hub](/securityhub/index.html)[User Guide](what-is-securityhub.html) +[Documentation](/index.html)[AWS Security Hub](/securityhub/index.html)[ User Guide ](what-is-security-hub-adv.html) @@ -7 +7 @@ Configuring resource recording for the standardDetermining which controls apply -# NIST SP 800-53 Revision 5 in Security Hub +# NIST SP 800-53 Revision 5 in Security Hub CSPM @@ -11 +11 @@ NIST Special Publication 800-53 Revision 5 (NIST SP 800-53 Rev. 5) is a cybersec -AWS Security Hub provides security controls that support a subset of NIST SP 800-53 Revision 5 requirements. The controls perform automated security checks for certain AWS services and resources. To enable and manage these controls, you can enable the NIST SP 800-53 Revision 5 framework as a standard in Security Hub. Note that the controls don't support NIST SP 800-53 Revision 5 requirements that require manual checks. +AWS Security Hub Cloud Security Posture Management (CSPM) provides security controls that support a subset of NIST SP 800-53 Revision 5 requirements. The controls perform automated security checks for certain AWS services and resources. To enable and manage these controls, you can enable the NIST SP 800-53 Revision 5 framework as a standard in Security Hub CSPM. Note that the controls don't support NIST SP 800-53 Revision 5 requirements that require manual checks. @@ -13 +13 @@ AWS Security Hub provides security controls that support a subset of NIST SP 800 -Unlike other frameworks, the NIST SP 800-53 Revision 5 framework isn't prescriptive about how its requirements should be evaluated. Instead, the framework provides guidelines. In Security Hub, the NIST SP 800-53 Revision 5 standard and controls represent the service's understanding of these guidelines. +Unlike other frameworks, the NIST SP 800-53 Revision 5 framework isn't prescriptive about how its requirements should be evaluated. Instead, the framework provides guidelines. In Security Hub CSPM, the NIST SP 800-53 Revision 5 standard and controls represent the service's understanding of these guidelines. @@ -26 +26 @@ Unlike other frameworks, the NIST SP 800-53 Revision 5 framework isn't prescript -To optimize coverage and the accuracy of findings, it's important to enable and configure resource recording in AWS Config before you enable the NIST SP 800-53 Revision 5 standard in AWS Security Hub. When you configure resource recording, also be sure to enable it for all the types of AWS resources that are checked by controls that apply to the standard. This is primarily for controls that have a _change triggered_ schedule type. However, some controls with a _periodic_ schedule type also require resource recording. If resource recording isn't enabled or configured correctly, Security Hub might not be able to evaluate the appropriate resources, and generate accurate findings for controls that apply to the standard. +To optimize coverage and the accuracy of findings, it's important to enable and configure resource recording in AWS Config before you enable the NIST SP 800-53 Revision 5 standard in AWS Security Hub Cloud Security Posture Management (CSPM). When you configure resource recording, also be sure to enable it for all the types of AWS resources that are checked by controls that apply to the standard. This is primarily for controls that have a _change triggered_ schedule type. However, some controls with a _periodic_ schedule type also require resource recording. If resource recording isn't enabled or configured correctly, Security Hub CSPM might not be able to evaluate the appropriate resources, and generate accurate findings for controls that apply to the standard. @@ -28 +28 @@ To optimize coverage and the accuracy of findings, it's important to enable and -For information about how Security Hub uses resource recording in AWS Config, see [Enabling and configuring AWS Config for Security Hub](./securityhub-setup-prereqs.html). For information about configuring resource recording in AWS Config, see [Working with the configuration recorder](https://docs.aws.amazon.com/config/latest/developerguide/stop-start-recorder.html) in the _AWS Config Developer Guide_. +For information about how Security Hub CSPM uses resource recording in AWS Config, see [Enabling and configuring AWS Config for Security Hub CSPM](./securityhub-setup-prereqs.html). For information about configuring resource recording in AWS Config, see [Working with the configuration recorder](https://docs.aws.amazon.com/config/latest/developerguide/stop-start-recorder.html) in the _AWS Config Developer Guide_. @@ -30 +30 @@ For information about how Security Hub uses resource recording in AWS Config, se -The following table specifies the types of resources to record for controls that apply to the NIST SP 800-53 Revision 5 standard in Security Hub. +The following table specifies the types of resources to record for controls that apply to the NIST SP 800-53 Revision 5 standard in Security Hub CSPM. @@ -79 +79 @@ AWS WAF | `AWS::WAF::Rule`, `AWS::WAF::RuleGroup`, `AWS::WAF::WebACL`, `AWS::WA -The following list specifies the controls that support NIST SP 800-53 Revision 5 requirements and apply to the NIST SP 800-53 Revision 5 standard in AWS Security Hub. For details about specific requirements that a control supports, choose the control. Then refer to the **Related requirements** field in the details for the control. This field specifies each NIST requirement that the control supports. If the field doesn't specify a particular NIST requirement, the control doesn't support the requirement. +The following list specifies the controls that support NIST SP 800-53 Revision 5 requirements and apply to the NIST SP 800-53 Revision 5 standard in AWS Security Hub Cloud Security Posture Management (CSPM). For details about specific requirements that a control supports, choose the control. Then refer to the **Related requirements** field in the details for the control. This field specifies each NIST requirement that the control supports. If the field doesn't specify a particular NIST requirement, the control doesn't support the requirement.