AWS securityhub documentation change
Summary
Added clarification that existing findings are no longer updated when a control is disabled and minor wording changes
Security assessment
Clarifies behavior of security controls but does not address a specific vulnerability. Explains operational aspects of security feature management.
Diff
diff --git a/securityhub/latest/userguide/disable-controls-overview.md b/securityhub/latest/userguide/disable-controls-overview.md index 5ddd0acfb..b56ee8f55 100644 --- a//securityhub/latest/userguide/disable-controls-overview.md +++ b//securityhub/latest/userguide/disable-controls-overview.md @@ -14,0 +15,2 @@ If you disable a control across all standards, the following occurs: + * Existing findings are no longer updated for the control. + @@ -26 +28 @@ If you disable a standard, all of the controls that apply to the standard are di -Disabling a control isn't a permanent action. Suppose you disable a control, and then enable a standard that includes the control. The control is then enabled for that standard. When you enable a standard in Security Hub CSPM, all of the controls that apply to that standard are automatically enabled. For information about enabling a standard, see [Enabling a standard](./enable-standards.html). +Disabling a control isn't a permanent action. Suppose you disable a control, and then enable a standard that includes the control. The control is then enabled for that standard. When you enable a standard in Security Hub CSPM, all the controls that apply to the standard are automatically enabled. For information about enabling a standard, see [Enabling a standard](./enable-standards.html).