AWS securityhub documentation change
Summary
Updated documentation to reflect rebranding from 'Security Hub' to 'Security Hub CSPM' (Cloud Security Posture Management) throughout the text, including service references, administrator roles, and console/API terminology
Security assessment
The changes are branding/terminology updates rather than addressing vulnerabilities or adding security features. While CSPM relates to security posture management, the modifications only rename existing functionality without introducing new security controls or addressing specific vulnerabilities.
Diff
diff --git a/securityhub/latest/userguide/standards-view-manage.md b/securityhub/latest/userguide/standards-view-manage.md index be0364f15..240c78366 100644 --- a//securityhub/latest/userguide/standards-view-manage.md +++ b//securityhub/latest/userguide/standards-view-manage.md @@ -3 +3 @@ -[Documentation](/index.html)[AWS Security Hub](/securityhub/index.html)[User Guide](what-is-securityhub.html) +[Documentation](/index.html)[AWS Security Hub](/securityhub/index.html)[ User Guide ](what-is-security-hub-adv.html) @@ -5 +5 @@ -# Understanding security standards in Security Hub +# Understanding security standards in Security Hub CSPM @@ -7 +7 @@ -In AWS Security Hub, a _security standard_ is a set of requirements that's based on regulatory frameworks, industry best practices, or company policies. For details about the standards that Security Hub currently supports, including the security controls that apply to each one, see the [Security Hub standards reference](./standards-reference.html). +In AWS Security Hub Cloud Security Posture Management (CSPM), a _security standard_ is a set of requirements that's based on regulatory frameworks, industry best practices, or company policies. For details about the standards that Security Hub CSPM currently supports, including the security controls that apply to each one, see the [Standards reference for Security Hub CSPM](./standards-reference.html). @@ -9 +9 @@ In AWS Security Hub, a _security standard_ is a set of requirements that's based -When you enable a standard, Security Hub automatically enables all the controls that apply to the standard. Security Hub then runs security checks on the controls, which generates Security Hub findings. You can disable and later re-enable individual controls as necessary. You can also disable a standard completely. If you disable a standard, Security Hub stops running security checks on controls that apply to the standard. Findings are no longer generated for the controls. +When you enable a standard, Security Hub CSPM automatically enables all the controls that apply to the standard. Security Hub CSPM then runs security checks on the controls, which generates Security Hub CSPM findings. You can disable and later re-enable individual controls as necessary. You can also disable a standard completely. If you disable a standard, Security Hub CSPM stops running security checks on controls that apply to the standard. Findings are no longer generated for the controls. @@ -11 +11 @@ When you enable a standard, Security Hub automatically enables all the controls -In addition to findings, Security Hub generates a security score for each standard that you enable. The score is based on the status of the controls that apply to the standard. If you set an aggregation Region, the security score for a standard reflects the status of the controls across all linked Regions. If you're the Security Hub administrator for an organization, the score reflects the status of the controls for all the accounts in your organization. For more information, see [Calculating security scores](./standards-security-score.html). +In addition to findings, Security Hub CSPM generates a security score for each standard that you enable. The score is based on the status of the controls that apply to the standard. If you set an aggregation Region, the security score for a standard reflects the status of the controls across all linked Regions. If you're the Security Hub CSPM administrator for an organization, the score reflects the status of the controls for all the accounts in your organization. For more information, see [Calculating security scores](./standards-security-score.html). @@ -13 +13 @@ In addition to findings, Security Hub generates a security score for each standa -To review and manage standards, you can use the Security Hub console or the Security Hub API. On the console, the **Security standards** page shows all the security standards that Security Hub currently supports. This includes a description of each standard and the current status of the standard. If you enable a standard, you can also use this page to access additional details for the standard. For example, you can review: +To review and manage standards, you can use the Security Hub CSPM console or the Security Hub CSPM API. On the console, the **Security standards** page shows all the security standards that Security Hub CSPM currently supports. This includes a description of each standard and the current status of the standard. If you enable a standard, you can also use this page to access additional details for the standard. For example, you can review: @@ -28 +28 @@ For deeper analysis, you can filter and sort the data, and drill down to review -You can enable standards individually for a single account and AWS Region. However, to save time and reduce configuration drift in multi-account and multi-Region environments, we recommend using [central configuration](./central-configuration-intro.html) to enable and manage standards. With central configuration, the delegated Security Hub administrator can create policies that specify how to configure a standard across multiple accounts and Regions. +You can enable standards individually for a single account and AWS Region. However, to save time and reduce configuration drift in multi-account and multi-Region environments, we recommend using [central configuration](./central-configuration-intro.html) to enable and manage standards. With central configuration, the delegated Security Hub CSPM administrator can create policies that specify how to configure a standard across multiple accounts and Regions.