AWS guardduty documentation change
Summary
Added new GuardDuty finding types for malware detection in EC2/S3 backups
Security assessment
The additions document new malware detection capabilities for AWS Backup resources, enhancing security monitoring but not addressing a specific vulnerability.
Diff
diff --git a/guardduty/latest/ug/securityhub-integration.md b/guardduty/latest/ug/securityhub-integration.md index 94cc599b3..c41e7fb53 100644 --- a//guardduty/latest/ug/securityhub-integration.md +++ b//guardduty/latest/ug/securityhub-integration.md @@ -144,0 +145 @@ GuardDuty finding type | ASFF finding type +[DefenseEvasion:IAMUser/BedrockLoggingDisabled](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_finding-types-iam.html#defenseevasion-iam-bedrockloggingdisabled) | TTPs/Defense Evasion/DefenseEvasion:IAMUser-BedrockLoggingDisabled @@ -193,0 +195,4 @@ GuardDuty finding type | ASFF finding type +[Execution:EC2/MaliciousFile!Snapshot](https://docs.aws.amazon.com/guardduty/latest/ug/findings-malware-protection-backup.html#execution-malware-ec2-maliciousfile-snapshot) | TTPs/Execution/Execution:EC2-MaliciousFile!Snapshot +[Execution:EC2/MaliciousFile!AMI](https://docs.aws.amazon.com/guardduty/latest/ug/findings-malware-protection-backup.html#execution-malware-ec2-maliciousfile-ami) | TTPs/Execution/Execution:EC2-MaliciousFile!AMI +[Execution:EC2/MaliciousFile!RecoveryPoint](https://docs.aws.amazon.com/guardduty/latest/ug/findings-malware-protection-backup.html#execution-malware-ec2-maliciousfile-recoverypoint) | TTPs/Execution/Execution:EC2-MaliciousFile!RecoveryPoint +[Execution:S3/MaliciousFile!RecoveryPoint](https://docs.aws.amazon.com/guardduty/latest/ug/findings-malware-protection-backup.html#execution-malware-s3-maliciousfile-recoverypoint) | TTPs/Execution/Execution:S3-MaliciousFile!RecoveryPoint