AWS securityhub documentation change
Summary
Updated documentation to clarify that Security Hub CSPM stops generating/updating findings when disabled or when accounts are suspended
Security assessment
The changes clarify existing behavior around findings management but do not address security vulnerabilities or introduce new security features. The updates refine operational details rather than security aspects.
Diff
diff --git a/securityhub/latest/userguide/securityhub-data-retention.md b/securityhub/latest/userguide/securityhub-data-retention.md index 9aa9e199b..e1c6212d0 100644 --- a//securityhub/latest/userguide/securityhub-data-retention.md +++ b//securityhub/latest/userguide/securityhub-data-retention.md @@ -15 +15 @@ If you use [central configuration](./central-configuration-intro.html), the dele -No findings are generated for the administrator account if Security Hub CSPM is disabled in the administrator account. Existing archived findings are deleted after 30 days. Existing active findings are deleted after 90 days. +No findings are generated or updated for the administrator account if Security Hub CSPM is disabled in the administrator account. Existing archived findings are deleted after 30 days. Existing active findings are deleted after 90 days. @@ -43 +43 @@ In the **Accounts** list for the Security Hub CSPM administrator account, a remo -When an AWS account is suspended, the account loses permission to view their findings in Security Hub CSPM. No findings are generated for that account. The administrator account for a suspended account can view existing findings for the account. +When an AWS account is suspended, the account loses permission to view their findings in Security Hub CSPM. No findings are generated or updated for that account. The administrator account for a suspended account can view existing findings for the account.