AWS securityhub documentation change
Summary
Added reference to GetFindingsV2 API, clarified product/company names, added remediation documentation link
Security assessment
The change adds a remediation documentation link which enhances security guidance but does not address a specific vulnerability. Product/company name clarifications are administrative updates.
Diff
diff --git a/securityhub/latest/userguide/exposure-findings-review.md b/securityhub/latest/userguide/exposure-findings-review.md index 3d1447536..7f5cb7b12 100644 --- a//securityhub/latest/userguide/exposure-findings-review.md +++ b//securityhub/latest/userguide/exposure-findings-review.md @@ -13 +13 @@ Security Hub is in preview release and is subject to change. -You can review all of your exposure findings in the AWS Security Hub console and with the API. The **Exposures** page in the Security Hub console shows all active exposure findings. Exposure findings are listed by decreasing severity. You can filter your exposure findings by adding and removing filters with the **Add filter** search bar. You can group your exposure findings with the **Group by** dropdown. You can also filter your exposure findings with the **Quick filters** menu. +You can review all of your exposure findings in the AWS Security Hub console and with the [`GetFindingsV2`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetFindingsV2.html) API. The **Exposures** page in the Security Hub console shows all active exposure findings. Exposure findings are listed by decreasing severity. You can filter your exposure findings by adding and removing filters with the **Add filter** search bar. You can group your exposure findings with the **Group by** dropdown. You can also filter your exposure findings with the **Quick filters** menu. @@ -17 +17 @@ You can review all of your exposure findings in the AWS Security Hub console and -You can view many details for an exposure finding. In the Security Hub console, these details are divided among tabs. The **Overview** tab provides a snapshot of the exposure finding. The **Traits** tab lists the traits and signals associated with an exposure finding. The **Resources** tab provides details about the resource and resource tags associated with an exposure finding. The following list provides descriptions for exposure finding details. +You can view many details for an exposure finding. These details are divided among tabs in the Security Hub console. The **Overview** tab provides key details about the exposure finding. The **Traits** tab lists the traits and signals associated with an exposure finding. The **Resources** tab provides details about the resource and resource tags associated with an exposure finding. The following list provides descriptions for exposure finding details. @@ -25 +25 @@ You can view many details for an exposure finding. In the Security Hub console, - * **Type** – The name of the exposure finding type. For example, the name might resemble something like `Exposure/Potential Impact/Resource Hijacking`. + * **Type** – The name of the exposure finding type. For example, the name might resemble `Exposure/Potential Impact/Resource Hijacking`. @@ -37 +37 @@ You can view many details for an exposure finding. In the Security Hub console, - * **Product name** – The name of the product that generated the exposure finding. + * **Product name** – The name of the product that generated the exposure finding. This will always be **Security Hub Exposure Detection**. @@ -39 +39 @@ You can view many details for an exposure finding. In the Security Hub console, - * **Company name** – The name of the company that generated the exposure finding. + * **Company name** – The name of the company that generated the exposure finding. This will always be **AWS**. @@ -41 +41 @@ You can view many details for an exposure finding. In the Security Hub console, - * **Activity name** – The name of the activity. + * **Activity name** – The name of the activity last performed against the finding. @@ -47 +47 @@ You can view many details for an exposure finding. In the Security Hub console, - * **Potential attack path (console only)** – An interactive visualization shows how potential attackers can access and take control of resources associated with an exposure finding. For more information, [Viewing exposures in Security Hub with the potential attack path graph](https://docs.aws.amazon.com/securityhub/latest/userguide/security-hub-v2-potential-attack-path-graph.html). + * **Potential attack path (console only)** – An interactive visualization showing how potential attackers can access and take control of resources associated with an exposure finding. For more information, [Viewing exposures in Security Hub with the potential attack path graph](https://docs.aws.amazon.com/securityhub/latest/userguide/security-hub-v2-potential-attack-path-graph.html). @@ -50,0 +51,2 @@ You can view many details for an exposure finding. In the Security Hub console, + * **Remediation** – Links to remediation documentation specific to traits identified in the exposure. +