AWS Security ChangesHomeSearch

AWS securityhub documentation change

Service: securityhub · 2025-11-22 · Documentation low

File: securityhub/latest/userguide/securityhub-v2-cwe-event-types.md

Summary

Added clarification about EventBridge event source differentiation between Security Hub and CSPM.

Security assessment

Configuration guidance to prevent event duplication. No security vulnerability mitigation, focuses on proper event routing rather than security controls.

Diff

diff --git a/securityhub/latest/userguide/securityhub-v2-cwe-event-types.md b/securityhub/latest/userguide/securityhub-v2-cwe-event-types.md
index b3bca81e9..18cfcee41 100644
--- a//securityhub/latest/userguide/securityhub-v2-cwe-event-types.md
+++ b//securityhub/latest/userguide/securityhub-v2-cwe-event-types.md
@@ -21 +21 @@ Security Hub automatically sends all new findings and all updates to existing fi
-Every finding that's imported and every finding updated through a [`BatchUpdateFindingsV2`]() request triggers a **Findings Imported V2** event. 
+Every finding that's imported and every finding updated through a [`BatchUpdateFindingsV2`](https://docs.aws.amazon.com/) request triggers a **Findings Imported V2** event. 
@@ -30,0 +31,4 @@ You use this method to automatically send all findings, or all findings that hav
+###### Note
+
+Security Hub and Security Hub CSPM both send findings to EventBridge under the source of `aws.securityhub`. Ensure that your EventBridge rules use the detail-type that is specific to Security Hub in order to avoid duplicate notifications related to Security Hub CSPM findings. 
+