AWS Security ChangesHomeSearch

AWS detective documentation change

Service: detective · 2025-12-10 · Documentation low

File: detective/latest/userguide/group-evidence.md

Summary

Specified findings are not sent to Security Hub CSPM rather than general Security Hub

Security assessment

Clarifies the scope of findings distribution but does not indicate any security vulnerability remediation or new security capability introduction.

Diff

diff --git a/detective/latest/userguide/group-evidence.md b/detective/latest/userguide/group-evidence.md
index 0a9e6c1c9..37f231f55 100644
--- a//detective/latest/userguide/group-evidence.md
+++ b//detective/latest/userguide/group-evidence.md
@@ -7 +7 @@
-Amazon Detective identifies additional information related to a finding group based on data in your behavior graph collected within the last 45 days. Detective presents this information as a finding with the **Informational** severity. Evidence provides supporting information that highlights an unusual activity or unknown behavior that is potentially suspicious when viewed within a finding group. This might include newly observed geolocations or API calls observed within the scope time of a finding. Evidence findings are only viewable in Detective and are not sent to AWS Security Hub.
+Amazon Detective identifies additional information related to a finding group based on data in your behavior graph collected within the last 45 days. Detective presents this information as a finding with the **Informational** severity. Evidence provides supporting information that highlights an unusual activity or unknown behavior that is potentially suspicious when viewed within a finding group. This might include newly observed geolocations or API calls observed within the scope time of a finding. Evidence findings are only viewable in Detective and are not sent to AWS Security Hub CSPM.