AWS Security ChangesHomeSearch

AWS securityhub documentation change

Service: securityhub · 2025-11-22 · Documentation low

File: securityhub/latest/userguide/securityhub-v2-cwe-event-rules.md

Summary

Fixed API link formatting and added note about potential rule overlaps with Security Hub CSPM.

Security assessment

Operational guidance about avoiding duplicate findings through EventBridge rule management. No security vulnerability addressed, though it improves configuration hygiene.

Diff

diff --git a/securityhub/latest/userguide/securityhub-v2-cwe-event-rules.md b/securityhub/latest/userguide/securityhub-v2-cwe-event-rules.md
index 4476a7184..a68189543 100644
--- a//securityhub/latest/userguide/securityhub-v2-cwe-event-rules.md
+++ b//securityhub/latest/userguide/securityhub-v2-cwe-event-rules.md
@@ -13 +13 @@ Security Hub is in preview release and is subject to change.
-You can create a rule in Amazon EventBridge that defines an action to take when a **Findings Imported V2** event is received. **Findings Imported V2** events are triggered by updates through [`BatchUpdateFindingsV2`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateFindingsV2.html).
+You can create a rule in Amazon EventBridge that defines an action to take when a **Findings Imported V2** event is received. **Findings Imported V2** events are triggered by updates through [`BatchUpdateFindingsV2`](https://docs.aws.amazon.com//securityhub/1.0/APIReference/API_BatchUpdateFindingsV2.html).
@@ -153,0 +154,4 @@ For details about creating rules, see [Creating Amazon EventBridge rules that re
+###### Note
+
+If you have EventBridge rules defined for findings in Security Hub CSPM, the rules could overlap with rules defined for Security Hub. To avoid sending duplicate findings, evaluate the rules you have defined for Security Hub CSPM to determine if they overlap with rules you are have defined for Security Hub. Where applicable disable any Security Hub CSPM rules that are replaced by Security Hub rules. 
+