AWS inspector documentation change
Summary
Updated documentation to reflect integration with Security Hub CSPM instead of Security Hub, added section about activating Amazon Inspector via organization policy in Security Hub CSPM
Security assessment
The changes primarily rebrand references from 'Security Hub' to 'Security Hub CSPM' and add documentation for centralized policy management via AWS Organizations. While this enhances security posture management capabilities, there is no evidence of addressing a specific security vulnerability or incident. The updates focus on feature documentation and integration workflows rather than patching security flaws.
Diff
diff --git a/inspector/latest/user/securityhub-integration.md b/inspector/latest/user/securityhub-integration.md index 08d24e7ed..33cc5d50e 100644 --- a//inspector/latest/user/securityhub-integration.md +++ b//inspector/latest/user/securityhub-integration.md @@ -5 +5 @@ -Viewing Amazon Inspector findings in AWS Security HubActivating and configuring the Amazon Inspector integration with Security HubDisabling the flow of findings from an integrationViewing security controls for Amazon Inspector in Security Hub +Viewing Amazon Inspector findings in AWS Security Hub CSPMActivating and configuring the Amazon Inspector integration with Security Hub CSPMActivating Amazon Inspector from Security Hub CSPM using organization policyDisabling the flow of findings from an integrationViewing security controls for Amazon Inspector in Security Hub CSPM @@ -7 +7 @@ Viewing Amazon Inspector findings in AWS Security HubActivating and configuring -# Amazon Inspector integration with AWS Security Hub +# Amazon Inspector integration with AWS Security Hub CSPM @@ -9 +9 @@ Viewing Amazon Inspector findings in AWS Security HubActivating and configuring -Security Hub provides a comprehensive view of your security state in AWS. This helps you check your environment against security industry standards and best practices. Security Hub collects security data from AWS accounts, services, and supported products. You can use this information to analyze security trends and identify security issues. When you activate the Amazon Inspector integration with Security Hub, Amazon Inspector can send findings to Security Hub, and Security Hub can analyze those findings as part of your security posture. +Security Hub CSPM provides a comprehensive view of your security state in AWS. This helps you check your environment against security industry standards and best practices. Security Hub CSPM collects security data from AWS accounts, services, and supported products. You can use this information to analyze security trends and identify security issues. When you activate the Amazon Inspector integration with Security Hub CSPM, Amazon Inspector can send findings to Security Hub CSPM, and Security Hub CSPM can analyze those findings as part of your security posture. @@ -11 +11 @@ Security Hub provides a comprehensive view of your security state in AWS. This h -Security Hub tracks security issues as findings. Some findings can be a result of security issues detected in other AWS services or third-party products. Security Hub uses a set of rules to detect security issues and generate findings and provides tools, so you can manage findings. Security Hub archives Amazon Inspector findings once the findings have been closed in Amazon Inspector. You can also [view a history of your findings and finding details](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-viewing.html), as well as [track the status of an investigation into a finding](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-taking-action.html). +Security Hub CSPM tracks security issues as findings. Some findings can be a result of security issues detected in other AWS services or third-party products. Security Hub CSPM uses a set of rules to detect security issues and generate findings and provides tools, so you can manage findings. Security Hub CSPM archives Amazon Inspector findings once the findings have been closed in Amazon Inspector. You can also [view a history of your findings and finding details](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-viewing.html), as well as [track the status of an investigation into a finding](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-taking-action.html). @@ -13 +13 @@ Security Hub tracks security issues as findings. Some findings can be a result o -Security Hub processes findings in the [AWS Security Finding Format (ASFF)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html). This format includes details such as unique identifiers, severity levels, affected resources, remediation guidance, workflow status, and contextual information. +Security Hub CSPM processes findings in the [AWS Security Finding Format (ASFF)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html). This format includes details such as unique identifiers, severity levels, affected resources, remediation guidance, workflow status, and contextual information. @@ -21 +21 @@ Security findings generated by [Amazon Inspector Code Security](https://docs.aws - * Viewing Amazon Inspector findings in AWS Security Hub + * Viewing Amazon Inspector findings in AWS Security Hub CSPM @@ -23 +23,3 @@ Security findings generated by [Amazon Inspector Code Security](https://docs.aws - * Activating and configuring the Amazon Inspector integration with Security Hub + * Activating and configuring the Amazon Inspector integration with Security Hub CSPM + + * Activating Amazon Inspector from Security Hub CSPM using organization policy @@ -27 +29 @@ Security findings generated by [Amazon Inspector Code Security](https://docs.aws - * Viewing security controls for Amazon Inspector in Security Hub + * Viewing security controls for Amazon Inspector in Security Hub CSPM @@ -32 +34 @@ Security findings generated by [Amazon Inspector Code Security](https://docs.aws -## Viewing Amazon Inspector findings in AWS Security Hub +## Viewing Amazon Inspector findings in AWS Security Hub CSPM @@ -34 +36 @@ Security findings generated by [Amazon Inspector Code Security](https://docs.aws -You can view Amazon Inspector Classic and Amazon Inspector findings in Security Hub. +You can view Amazon Inspector Classic and Amazon Inspector findings in Security Hub CSPM. @@ -38 +40 @@ You can view Amazon Inspector Classic and Amazon Inspector findings in Security -To filter on Amazon Inspector findings only, add `"aws/inspector/ProductVersion": "2"` to the filter bar. This filter excludes Amazon Inspector Classic findings from the Security Hub dashboard. +To filter on Amazon Inspector findings only, add `"aws/inspector/ProductVersion": "2"` to the filter bar. This filter excludes Amazon Inspector Classic findings from the Security Hub CSPM dashboard. @@ -175 +177,7 @@ To filter on Amazon Inspector findings only, add `"aws/inspector/ProductVersion" -## Activating and configuring the Amazon Inspector integration with Security Hub +## Activating and configuring the Amazon Inspector integration with Security Hub CSPM + +You can activate the Amazon Inspector integration with AWS Security Hub CSPM by [enabling Security Hub CSPM](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-settingup.html). After you enable Security Hub CSPM, the Amazon Inspector integration with AWS Security Hub CSPM is automatically activated, and Amazon Inspector begins sending all of its findings to Security Hub CSPM using the [AWS Security Finding Format (ASFF)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html). + +## Activating Amazon Inspector from Security Hub CSPM using organization policy + +You can manage Amazon Inspector activation across your organization using AWS Organizations policies directly from the Security Hub CSPM console. This centralized approach allows you to enable Amazon Inspector scanning for multiple accounts simultaneously through organization-level policy management. @@ -177 +185 @@ To filter on Amazon Inspector findings only, add `"aws/inspector/ProductVersion" -You can activate the Amazon Inspector integration with AWS Security Hub by [enabling Security Hub](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-settingup.html). After you enable Security Hub, the Amazon Inspector integration with AWS Security Hub is automatically activated, and Amazon Inspector begins sending all of its findings to Security Hub using the [AWS Security Finding Format (ASFF)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html). +For detailed instructions on managing Amazon Inspector activation through Security Hub CSPM using organization policies, see [Managing delegated administrator accounts for Security Hub CSPM](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-v2-da-policy.html) in the _AWS Security Hub CSPM User Guide_. @@ -181 +189 @@ You can activate the Amazon Inspector integration with AWS Security Hub by [enab -To stop Amazon Inspector from sending findings to Security Hub, you can use the Security Hub [console](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-integrations-managing.html#securityhub-integration-findings-flow-console) or [API and AWS CLI](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-integrations-managing.html#securityhub-integration-findings-flow-disable-api).. +To stop Amazon Inspector from sending findings to Security Hub CSPM, you can use the Security Hub CSPM [console](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-integrations-managing.html#securityhub-integration-findings-flow-console) or [API and AWS CLI](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-integrations-managing.html#securityhub-integration-findings-flow-disable-api).. @@ -183 +191 @@ To stop Amazon Inspector from sending findings to Security Hub, you can use the -## Viewing security controls for Amazon Inspector in Security Hub +## Viewing security controls for Amazon Inspector in Security Hub CSPM @@ -185 +193 @@ To stop Amazon Inspector from sending findings to Security Hub, you can use the -Security Hub analyzes findings from supported AWS and third-party products and runs automated and continuous security checks against rules to generate findings of its own. The rules are represented by security controls, which help you determine whether requirements in a standard are being met. +Security Hub CSPM analyzes findings from supported AWS and third-party products and runs automated and continuous security checks against rules to generate findings of its own. The rules are represented by security controls, which help you determine whether requirements in a standard are being met. @@ -200 +208 @@ Amazon Inspector uses security controls to check whether Amazon Inspector featur -For more information, see [Amazon Inspector controls](https://docs.aws.amazon.com/securityhub/latest/userguide/inspector-controls.html) in the _AWS Security Hub User Guide_. +For more information, see [Amazon Inspector controls](https://docs.aws.amazon.com/securityhub/latest/userguide/inspector-controls.html) in the _AWS Security Hub CSPM User Guide_.