AWS Security ChangesHomeSearch

AWS guardduty documentation change

Service: guardduty · 2025-12-10 · Documentation low

File: guardduty/latest/ug/securityhub-integration.md

Summary

Updated all references from 'AWS Security Hub' to 'AWS Security Hub CSPM' to reflect integration with Cloud Security Posture Management features

Security assessment

The changes involve rebranding/renaming references to Security Hub with 'CSPM' (Cloud Security Posture Management) but do not address a specific security vulnerability, weakness, or incident. The modifications appear to clarify the integration scope rather than mitigate a security risk.

Diff

diff --git a/guardduty/latest/ug/securityhub-integration.md b/guardduty/latest/ug/securityhub-integration.md
index c41e7fb53..fa3668876 100644
--- a//guardduty/latest/ug/securityhub-integration.md
+++ b//guardduty/latest/ug/securityhub-integration.md
@@ -5 +5 @@
-How Amazon GuardDuty sends findings to AWS Security HubViewing GuardDuty findings in AWS Security HubEnabling and configuring the integrationUsing GuardDuty controls in Security HubStopping the publication of findings to Security Hub
+How Amazon GuardDuty sends findings to AWS Security Hub CSPMViewing GuardDuty findings in AWS Security Hub CSPMEnabling and configuring the integrationUsing GuardDuty controls in Security Hub CSPMStopping the publication of findings to Security Hub CSPM
@@ -7 +7 @@ How Amazon GuardDuty sends findings to AWS Security HubViewing GuardDuty finding
-# Integrating with AWS Security Hub
+# Integrating with AWS Security Hub CSPM
@@ -9 +9 @@ How Amazon GuardDuty sends findings to AWS Security HubViewing GuardDuty finding
-[AWS Security Hub](https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html) provides you with a comprehensive view of your security state in AWS and helps you to check your environment against security industry standards and best practices. Security Hub collects security data from across AWS accounts, services, and supported third-party partner products and helps you to analyze your security trends and identify the highest priority security issues.
+[AWS Security Hub CSPM](https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html) provides you with a comprehensive view of your security state in AWS and helps you to check your environment against security industry standards and best practices. Security Hub CSPM collects security data from across AWS accounts, services, and supported third-party partner products and helps you to analyze your security trends and identify the highest priority security issues.
@@ -11 +11 @@ How Amazon GuardDuty sends findings to AWS Security HubViewing GuardDuty finding
-The Amazon GuardDuty integration with Security Hub enables you to send findings from GuardDuty to Security Hub. Security Hub can then include those findings in its analysis of your security posture.
+The Amazon GuardDuty integration with Security Hub CSPM enables you to send findings from GuardDuty to Security Hub CSPM. Security Hub CSPM can then include those findings in its analysis of your security posture.
@@ -15 +15 @@ The Amazon GuardDuty integration with Security Hub enables you to send findings
-  * [How Amazon GuardDuty sends findings to AWS Security Hub](./securityhub-integration.html#securityhub-integration-sending-findings)
+  * [How Amazon GuardDuty sends findings to AWS Security Hub CSPM](./securityhub-integration.html#securityhub-integration-sending-findings)
@@ -17 +17 @@ The Amazon GuardDuty integration with Security Hub enables you to send findings
-    * [Types of findings that GuardDuty sends to Security Hub](./securityhub-integration.html#securityhub-integration-finding-types)
+    * [Types of findings that GuardDuty sends to Security Hub CSPM](./securityhub-integration.html#securityhub-integration-finding-types)
@@ -21 +21 @@ The Amazon GuardDuty integration with Security Hub enables you to send findings
-      * [Retrying when Security Hub is not available](./securityhub-integration.html#securityhub-integration-retry-send)
+      * [Retrying when Security Hub CSPM is not available](./securityhub-integration.html#securityhub-integration-retry-send)
@@ -23 +23 @@ The Amazon GuardDuty integration with Security Hub enables you to send findings
-      * [Updating existing findings in Security Hub](./securityhub-integration.html#securityhub-integration-finding-updates)
+      * [Updating existing findings in Security Hub CSPM](./securityhub-integration.html#securityhub-integration-finding-updates)
@@ -25 +25 @@ The Amazon GuardDuty integration with Security Hub enables you to send findings
-  * [Viewing GuardDuty findings in AWS Security Hub](./securityhub-integration.html#findings-in-securityhub)
+  * [Viewing GuardDuty findings in AWS Security Hub CSPM](./securityhub-integration.html#findings-in-securityhub)
@@ -27 +27 @@ The Amazon GuardDuty integration with Security Hub enables you to send findings
-    * [Interpreting GuardDuty finding names in AWS Security Hub](./securityhub-integration.html#interpreting-findings-in-securityhub)
+    * [Interpreting GuardDuty finding names in AWS Security Hub CSPM](./securityhub-integration.html#interpreting-findings-in-securityhub)
@@ -33 +33 @@ The Amazon GuardDuty integration with Security Hub enables you to send findings
-  * [Using GuardDuty controls in Security Hub](./securityhub-integration.html#securityhub-integration-using-guardduty-controls)
+  * [Using GuardDuty controls in Security Hub CSPM](./securityhub-integration.html#securityhub-integration-using-guardduty-controls)
@@ -35 +35 @@ The Amazon GuardDuty integration with Security Hub enables you to send findings
-  * [Stopping the publication of findings to Security Hub](./securityhub-integration.html#securityhub-integration-disable)
+  * [Stopping the publication of findings to Security Hub CSPM](./securityhub-integration.html#securityhub-integration-disable)
@@ -40 +40 @@ The Amazon GuardDuty integration with Security Hub enables you to send findings
-## How Amazon GuardDuty sends findings to AWS Security Hub
+## How Amazon GuardDuty sends findings to AWS Security Hub CSPM
@@ -42 +42 @@ The Amazon GuardDuty integration with Security Hub enables you to send findings
-In AWS Security Hub, security issues are tracked as findings. Some findings come from issues that are detected by other AWS services or by third-party partners. Security Hub also has a set of rules that it uses to detect security issues and generate findings.
+In AWS Security Hub CSPM, security issues are tracked as findings. Some findings come from issues that are detected by other AWS services or by third-party partners. Security Hub CSPM also has a set of rules that it uses to detect security issues and generate findings.
@@ -44 +44 @@ In AWS Security Hub, security issues are tracked as findings. Some findings come
-Security Hub provides tools to manage findings from across all of these sources. You can view and filter lists of findings and view details for a finding. For more information, see [Viewing findings](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-viewing.html) in the _AWS Security Hub User Guide_. You can also track the status of an investigation into a finding. For more information, see [Taking action on findings](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-taking-action.html) in the _AWS Security Hub User Guide_.
+Security Hub CSPM provides tools to manage findings from across all of these sources. You can view and filter lists of findings and view details for a finding. For more information, see [Viewing findings](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-viewing.html) in the _AWS Security Hub CSPM User Guide_. You can also track the status of an investigation into a finding. For more information, see [Taking action on findings](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-taking-action.html) in the _AWS Security Hub CSPM User Guide_.
@@ -46 +46 @@ Security Hub provides tools to manage findings from across all of these sources.
-All findings in Security Hub use a standard JSON format called the AWS Security Finding Format (ASFF). The ASFF includes details about the source of the issue, the affected resources, and the current status of the finding. See [AWS Security Finding Format (ASFF)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html) in the _AWS Security Hub User Guide_.
+All findings in Security Hub CSPM use a standard JSON format called the AWS Security Finding Format (ASFF). The ASFF includes details about the source of the issue, the affected resources, and the current status of the finding. See [AWS Security Finding Format (ASFF)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html) in the _AWS Security Hub CSPM User Guide_.
@@ -48 +48 @@ All findings in Security Hub use a standard JSON format called the AWS Security
-Amazon GuardDuty is one of the AWS services that sends findings to Security Hub.
+Amazon GuardDuty is one of the AWS services that sends findings to Security Hub CSPM.
@@ -50 +50 @@ Amazon GuardDuty is one of the AWS services that sends findings to Security Hub.
-### Types of findings that GuardDuty sends to Security Hub
+### Types of findings that GuardDuty sends to Security Hub CSPM
@@ -52 +52 @@ Amazon GuardDuty is one of the AWS services that sends findings to Security Hub.
-Once you enable GuardDuty and Security Hub in the same account within the same AWS Region, GuardDuty starts sending all the generated findings to Security Hub. These findings are sent to Security Hub using the [AWS Security Finding Format (ASFF)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html). In ASFF, the `Types` field provides the finding type.
+Once you enable GuardDuty and Security Hub CSPM in the same account within the same AWS Region, GuardDuty starts sending all the generated findings to Security Hub CSPM. These findings are sent to Security Hub CSPM using the [AWS Security Finding Format (ASFF)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html). In ASFF, the `Types` field provides the finding type.
@@ -56 +56 @@ Once you enable GuardDuty and Security Hub in the same account within the same A
-When GuardDuty creates a new finding, it is usually sent to Security Hub within five minutes.
+When GuardDuty creates a new finding, it is usually sent to Security Hub CSPM within five minutes.
@@ -58 +58 @@ When GuardDuty creates a new finding, it is usually sent to Security Hub within
-#### Retrying when Security Hub is not available
+#### Retrying when Security Hub CSPM is not available
@@ -60 +60 @@ When GuardDuty creates a new finding, it is usually sent to Security Hub within
-If Security Hub is not available, GuardDuty retries sending the findings until they are received.
+If Security Hub CSPM is not available, GuardDuty retries sending the findings until they are received.
@@ -62 +62 @@ If Security Hub is not available, GuardDuty retries sending the findings until t
-#### Updating existing findings in Security Hub
+#### Updating existing findings in Security Hub CSPM
@@ -64 +64 @@ If Security Hub is not available, GuardDuty retries sending the findings until t
-After it sends a finding to Security Hub, GuardDuty sends updates to reflect additional observations of the finding activity to Security Hub. The new observations of these findings are sent to Security Hub based on the [Step 5 – Frequency for exporting findings](./guardduty_exportfindings.html#guardduty_exportfindings-frequency) settings in your AWS account.
+After it sends a finding to Security Hub CSPM, GuardDuty sends updates to reflect additional observations of the finding activity to Security Hub CSPM. The new observations of these findings are sent to Security Hub CSPM based on the [Step 5 – Frequency for exporting findings](./guardduty_exportfindings.html#guardduty_exportfindings-frequency) settings in your AWS account.
@@ -66 +66 @@ After it sends a finding to Security Hub, GuardDuty sends updates to reflect add
-When you archive or unarchive a finding, GuardDuty doesn't send that finding to Security Hub. Any manually unarchived finding that later become active in GuardDuty is not sent to Security Hub.
+When you archive or unarchive a finding, GuardDuty doesn't send that finding to Security Hub CSPM. Any manually unarchived finding that later become active in GuardDuty is not sent to Security Hub CSPM.
@@ -68 +68 @@ When you archive or unarchive a finding, GuardDuty doesn't send that finding to
-## Viewing GuardDuty findings in AWS Security Hub
+## Viewing GuardDuty findings in AWS Security Hub CSPM
@@ -70 +70 @@ When you archive or unarchive a finding, GuardDuty doesn't send that finding to
-Sign in to the AWS Management Console and open the AWS Security Hub console at [https://console.aws.amazon.com/securityhub/](https://console.aws.amazon.com/securityhub/).
+Sign in to the AWS Management Console and open the AWS Security Hub CSPM console at [https://console.aws.amazon.com/securityhub/](https://console.aws.amazon.com/securityhub/).
@@ -72 +72 @@ Sign in to the AWS Management Console and open the AWS Security Hub console at [
-You can now use either of the following ways to view the GuardDuty findings in the Security Hub console:
+You can now use either of the following ways to view the GuardDuty findings in the Security Hub CSPM console:
@@ -74 +74 @@ You can now use either of the following ways to view the GuardDuty findings in t
-**Option 1: Using _Integrations_ in Security Hub**
+**Option 1: Using _Integrations_ in Security Hub CSPM**
@@ -83 +83 @@ You can now use either of the following ways to view the GuardDuty findings in t
-     * If not, then for more information about how **Integrations** work, see [Security Hub integrations](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-providers.html) in _AWS Security Hub User Guide_.
+     * If not, then for more information about how **Integrations** work, see [Security Hub CSPM integrations](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-providers.html) in _AWS Security Hub CSPM User Guide_.
@@ -88 +88 @@ You can now use either of the following ways to view the GuardDuty findings in t
-**Option 2: Using _Findings_ in Security Hub**
+**Option 2: Using _Findings_ in Security Hub CSPM**
@@ -98 +98 @@ You can now use either of the following ways to view the GuardDuty findings in t
-### Interpreting GuardDuty finding names in AWS Security Hub
+### Interpreting GuardDuty finding names in AWS Security Hub CSPM
@@ -100 +100 @@ You can now use either of the following ways to view the GuardDuty findings in t
-GuardDuty sends the findings to Security Hub using the [AWS Security Finding Format (ASFF)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html). In ASFF, the `Types` field provides the finding type. ASFF types use a different naming scheme than GuardDuty types. The table below details all the GuardDuty finding types with their ASFF counterpart as they appear in Security Hub. 
+GuardDuty sends the findings to Security Hub CSPM using the [AWS Security Finding Format (ASFF)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html). In ASFF, the `Types` field provides the finding type. ASFF types use a different naming scheme than GuardDuty types. The table below details all the GuardDuty finding types with their ASFF counterpart as they appear in Security Hub CSPM. 
@@ -104 +104 @@ GuardDuty sends the findings to Security Hub using the [AWS Security Finding For
-For some GuardDuty finding types Security Hub assigns different ASFF finding names depending on whether the finding detail's **Resource Role** was **ACTOR** or **TARGET**. For more information see [Finding details](./guardduty_findings-summary.html).
+For some GuardDuty finding types Security Hub CSPM assigns different ASFF finding names depending on whether the finding detail's **Resource Role** was **ACTOR** or **TARGET**. For more information see [Finding details](./guardduty_findings-summary.html).
@@ -318 +318 @@ GuardDuty finding type |  ASFF finding type
-GuardDuty sends findings to Security Hub using the [AWS Security Finding Format (ASFF)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html).
+GuardDuty sends findings to Security Hub CSPM using the [AWS Security Finding Format (ASFF)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html).
@@ -409 +409 @@ Here is an example of a typical finding from GuardDuty.
-To use the integration with AWS Security Hub, you must enable Security Hub. For information on how to enable Security Hub, see [Setting up Security Hub](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-settingup.html) in the _AWS Security Hub User Guide_.
+To use the integration with AWS Security Hub CSPM, you must enable Security Hub CSPM. For information on how to enable Security Hub CSPM, see [Setting up Security Hub](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-settingup.html) in the _AWS Security Hub CSPM User Guide_.
@@ -411 +411 @@ To use the integration with AWS Security Hub, you must enable Security Hub. For
-When you enable both GuardDuty and Security Hub, the integration is enabled automatically. GuardDuty immediately begins to send findings to Security Hub.
+When you enable both GuardDuty and Security Hub CSPM, the integration is enabled automatically. GuardDuty immediately begins to send findings to Security Hub CSPM.
@@ -413 +413 @@ When you enable both GuardDuty and Security Hub, the integration is enabled auto
-## Using GuardDuty controls in Security Hub
+## Using GuardDuty controls in Security Hub CSPM
@@ -415 +415 @@ When you enable both GuardDuty and Security Hub, the integration is enabled auto
-AWS Security Hub uses security controls to evaluate your AWS resources, and check your compliance against security industry standards and best practices. You can use the controls related to GuardDuty resources and selected protection plans. For more information, see [Amazon GuardDuty controls](https://docs.aws.amazon.com/securityhub/latest/userguide/guardduty-controls.html) in the _AWS Security Hub User Guide_.
+AWS Security Hub CSPM uses security controls to evaluate your AWS resources, and check your compliance against security industry standards and best practices. You can use the controls related to GuardDuty resources and selected protection plans. For more information, see [Amazon GuardDuty controls](https://docs.aws.amazon.com/securityhub/latest/userguide/guardduty-controls.html) in the _AWS Security Hub CSPM User Guide_.
@@ -417 +417 @@ AWS Security Hub uses security controls to evaluate your AWS resources, and chec
-For a list of all the controls across AWS services and resources, see [Security Hub controls reference](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-controls-reference.html) in the _AWS Security Hub User Guide_.
+For a list of all the controls across AWS services and resources, see [Security Hub CSPM controls reference](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-controls-reference.html) in the _AWS Security Hub CSPM User Guide_.
@@ -419 +419 @@ For a list of all the controls across AWS services and resources, see [Security
-## Stopping the publication of findings to Security Hub
+## Stopping the publication of findings to Security Hub CSPM
@@ -421 +421 @@ For a list of all the controls across AWS services and resources, see [Security
-To stop sending findings to Security Hub, you can use either the Security Hub console or the API.
+To stop sending findings to Security Hub CSPM, you can use either the Security Hub CSPM console or the API.
@@ -423 +423 @@ To stop sending findings to Security Hub, you can use either the Security Hub co
-See [Disabling and enabling the flow of findings from an integration (console)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-integrations-managing.html#securityhub-integration-findings-flow-console) or [Disabling the flow of findings from an integration (Security Hub API, AWS CLI)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-integrations-managing.html#securityhub-integration-findings-flow-disable-api) in the _AWS Security Hub User Guide_.
+See [Disabling and enabling the flow of findings from an integration (console)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-integrations-managing.html#securityhub-integration-findings-flow-console) or [Disabling the flow of findings from an integration (Security Hub API, AWS CLI)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-integrations-managing.html#securityhub-integration-findings-flow-disable-api) in the _AWS Security Hub CSPM User Guide_.