AWS Security ChangesHomeSearch

AWS securityhub documentation change

Service: securityhub · 2025-10-16 · Documentation low

File: securityhub/latest/userguide/ocsf-findings.md

Summary

Removed statement about OCSF formatting for all findings and updated section title

Security assessment

The removal of the OCSF formatting claim does not directly impact security, and the title change reflects content reorganization rather than security updates.

Diff

diff --git a/securityhub/latest/userguide/ocsf-findings.md b/securityhub/latest/userguide/ocsf-findings.md
index e87222f18..99554da30 100644
--- a//securityhub/latest/userguide/ocsf-findings.md
+++ b//securityhub/latest/userguide/ocsf-findings.md
@@ -11 +11 @@ Security Hub is in preview release and is subject to change.
-All findings in Security Hub are formatted in the Open Cybersecurity Schema Framework (OCSF). Security Hub considers findings with `activity_name != Close` as active findings. Active findings are automatically deleted if they aren’t updated in 90 days. Security Hub considers findings with `Activity_name = Close` as closed findings. Closed findings are automatically deleted if they aren’t updated in 14 days. Security Hub determines when a finding is updated using the most recent value of the finding `modified_time_dt`. At the end of a finding’s retention period, Security Hub permanently deletes the finding. Finding providers can change the value of the `finding.info.modified_time_dt` field when they update a finding. For information about other `Activity_name` values, see [Vulnerability Finding](https://schema.ocsf.io/1.5.0/classes/vulnerability_finding) in the OCSF schema. 
+Security Hub considers findings with `activity_name != Close` as active findings. Active findings are automatically deleted if they aren’t updated in 90 days. Security Hub considers findings with `Activity_name = Close` as closed findings. Closed findings are automatically deleted if they aren’t updated in 14 days. Security Hub determines when a finding is updated using the most recent value of the finding `modified_time_dt`. At the end of a finding’s retention period, Security Hub permanently deletes the finding. Finding providers can change the value of the `finding.info.modified_time_dt` field when they update a finding. For information about other `Activity_name` values, see [Vulnerability Finding](https://schema.ocsf.io/1.5.0/classes/vulnerability_finding) in the OCSF schema. 
@@ -19 +19 @@ To use the Amazon Web Services Documentation, Javascript must be enabled. Please
-Concepts
+Viewing details about resources in Security Hub