AWS decision-guides documentation change
Summary
Updated references from 'AWS Security Hub' to 'AWS Security Hub CSPM' throughout the document, emphasizing Cloud Security Posture Management capabilities
Security assessment
The change adds CSPM (Cloud Security Posture Management) terminology to Security Hub references, clarifying its role in compliance monitoring and security posture management. While this enhances documentation of security features, there's no evidence of addressing a specific vulnerability or incident.
Diff
diff --git a/decision-guides/latest/security-on-aws-how-to-choose/choosing-aws-security-services.md b/decision-guides/latest/security-on-aws-how-to-choose/choosing-aws-security-services.md index b4750c393..d3a4452c7 100644 --- a//decision-guides/latest/security-on-aws-how-to-choose/choosing-aws-security-services.md +++ b//decision-guides/latest/security-on-aws-how-to-choose/choosing-aws-security-services.md @@ -42 +42 @@ IntroductionUnderstandConsiderChooseUseExplore - * [AWS Security Hub](https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html) + * [AWS Security Hub CSPM](https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html) @@ -193 +193 @@ AWS WAF -AWS provides tools to help you streamline security operations across your AWS environment, including [multi-account environments](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services_list.html). For example, you can use [Amazon GuardDuty](https://docs.aws.amazon.com/guardduty/latest/ug/what-is-guardduty.html) for intelligent threat detection, and you can use [Amazon Detective](https://docs.aws.amazon.com/detective/latest/adminguide/what-is-detective.html) to identify and analyze security findings by collecting log data. [AWS Security Hub](https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html) supports multiple security standards and provides an overview of security alerts and compliance status across AWS accounts. [AWS CloudTrail](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-user-guide.html) tracks user activity and application programming interface (API) usage, which is crucial for understanding and responding to security events. +AWS provides tools to help you streamline security operations across your AWS environment, including [multi-account environments](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services_list.html). For example, you can use [Amazon GuardDuty](https://docs.aws.amazon.com/guardduty/latest/ug/what-is-guardduty.html) for intelligent threat detection, and you can use [Amazon Detective](https://docs.aws.amazon.com/detective/latest/adminguide/what-is-detective.html) to identify and analyze security findings by collecting log data. [AWS Security Hub CSPM](https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html) supports multiple security standards and provides an overview of security alerts and compliance status across AWS accounts. [AWS CloudTrail](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-user-guide.html) tracks user activity and application programming interface (API) usage, which is crucial for understanding and responding to security events. @@ -207 +207 @@ AWS CloudTrail -AWS Security Hub +AWS Security Hub CSPM @@ -210 +210 @@ AWS Security Hub -[AWS Security Hub](https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html) provides a comprehensive view of your security state in AWS. +[AWS Security Hub CSPM](https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html) provides a comprehensive view of your security state in AWS. @@ -280 +280 @@ Assess your application and infrastructure **architecture**. Determine whether y -Finally, consider the sophistication of your **existing security posture** and the expertise of your security team. If your team has limited resources, choosing services that offer more automation and integration can provide you with effective security enhancements, without overwhelming your team. Example services include AWS Shield for DDoS protection and AWS Security Hub for centralized security monitoring. +Finally, consider the sophistication of your **existing security posture** and the expertise of your security team. If your team has limited resources, choosing services that offer more automation and integration can provide you with effective security enhancements, without overwhelming your team. Example services include AWS Shield for DDoS protection and AWS Security Hub CSPM for centralized security monitoring. @@ -350 +350 @@ The following table highlights which services are optimized for which circumstan -1 Integrates with AWS Security Hub ([full list](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-internal-providers.html)) +1 Integrates with AWS Security Hub CSPM ([full list](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-internal-providers.html)) @@ -398 +398 @@ Continuously identify and prioritize security risks, while integrating security -Use these services to help you detect and respond to security risks [across your accounts](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services_list.html), so you can protect your workloads at scale. | Optimized for automating security checks and centralizing security alerts with AWS and third-party integrations. | [AWS Security Hub](https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html) 2, 3 +Use these services to help you detect and respond to security risks [across your accounts](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services_list.html), so you can protect your workloads at scale. | Optimized for automating security checks and centralizing security alerts with AWS and third-party integrations. | [AWS Security Hub CSPM](https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html) 2, 3 @@ -920 +920 @@ Create a trail to log management events in all Regions. -AWS Security Hub +AWS Security Hub CSPM @@ -923 +923 @@ AWS Security Hub - * **Enabling AWS Security Hub** + * **Enabling AWS Security Hub CSPM** @@ -925 +925 @@ AWS Security Hub -Enable AWS Security Hub with AWS Organizations or in a standalone account. +Enable AWS Security Hub CSPM with AWS Organizations or in a standalone account. @@ -931 +931 @@ Enable AWS Security Hub with AWS Organizations or in a standalone account. -Aggregate AWS Security Hub findings from multiple AWS Regions to a single aggregation Region. +Aggregate AWS Security Hub CSPM findings from multiple AWS Regions to a single aggregation Region. @@ -935 +935 @@ Aggregate AWS Security Hub findings from multiple AWS Regions to a single aggreg - * **AWS Security Hub workshop** + * **AWS Security Hub CSPM workshop** @@ -937 +937 @@ Aggregate AWS Security Hub findings from multiple AWS Regions to a single aggreg -Learn how to use AWS Security Hub and to manage and improve the security posture of your AWS environments. +Learn how to use AWS Security Hub CSPM and to manage and improve the security posture of your AWS environments. @@ -941 +941 @@ Learn how to use AWS Security Hub and to manage and improve the security posture - * **Three recurring Security Hub usage patterns and how to deploy them** + * **Three recurring Security Hub CSPM usage patterns and how to deploy them** @@ -943 +943 @@ Learn how to use AWS Security Hub and to manage and improve the security posture -Learn about the three most common AWS Security Hub usage patterns and how to improve your strategy for identifying and managing findings. +Learn about the three most common AWS Security Hub CSPM usage patterns and how to improve your strategy for identifying and managing findings.