AWS securityhub documentation change
Summary
Enhanced documentation about disabling Security Hub CSPM, including specificity about standards/controls affected and findings ingestion behavior
Security assessment
The changes improve clarity about security feature management (disabling CSPM) but do not indicate resolution of security vulnerabilities. The updates document existing security controls rather than addressing new risks.
Diff
diff --git a/securityhub/latest/userguide/securityhub-disable.md b/securityhub/latest/userguide/securityhub-disable.md index c881b2312..bc75c9c56 100644 --- a//securityhub/latest/userguide/securityhub-disable.md +++ b//securityhub/latest/userguide/securityhub-disable.md @@ -9 +9 @@ You can disable AWS Security Hub Cloud Security Posture Management (CSPM) by usi -If your organization uses central configuration, the delegated Security Hub CSPM administrator can create configuration policies that disable Security Hub CSPM for specific accounts and organizational units (OUs), and keep Security Hub CSPM enabled for others. Configuration policies affect the home Region and all linked Regions. For more information, see [Understanding central configuration in Security Hub CSPM](./central-configuration-intro.html). +If your organization uses central configuration, the delegated Security Hub CSPM administrator can create configuration policies that disable Security Hub CSPM for specific accounts and organizational units (OUs) and keep Security Hub CSPM enabled for others. Configuration policies affect the home Region and all linked Regions. For more information, see [Understanding central configuration in Security Hub CSPM](./central-configuration-intro.html). @@ -13 +13 @@ If you disable Security Hub CSPM for an account, the following occurs: - * All standards and controls are disabled for the account. + * All Security Hub CSPM standards and controls are disabled for the account. @@ -15 +15 @@ If you disable Security Hub CSPM for an account, the following occurs: - * Security Hub CSPM stops generating and ingesting new findings for the account. + * Security Hub CSPM stops generating, updating, and ingesting findings for the account. @@ -30 +30 @@ If you re-enable Security Hub CSPM within 90 days of disabling it for an account - * Change the workflow status of all existing findings to `RESOLVED` before you disable Security Hub CSPM. For more information, see [Setting the workflow status of findings in Security Hub CSPM](./findings-workflow-status.html). + * Change the workflow status of all existing findings to `RESOLVED` before you disable Security Hub CSPM. For more information, see [Setting the workflow status of findings](./findings-workflow-status.html). @@ -32 +32 @@ If you re-enable Security Hub CSPM within 90 days of disabling it for an account - * Disable all standards at least six days before you disable Security Hub CSPM. Security Hub CSPM then archives all existing findings on a best-effort basis, typically within three to five days. For more information, see [Disabling a security standard](./disable-standards.html). + * Disable all standards at least six days before you disable Security Hub CSPM. Security Hub CSPM then archives all existing findings on a best-effort basis, typically within three to five days. For more information, see [Disabling a standard](./disable-standards.html).