AWS macie documentation change
Summary
Updated references from 'Security Hub' to 'Security Hub CSPM' throughout the document, clarifying integration with Cloud Security Posture Management service
Security assessment
The changes specify integration with Security Hub CSPM rather than general Security Hub, but there's no evidence of addressing a security vulnerability. This appears to be a branding/naming update rather than a security fix. The documentation continues to describe security feature usage (findings publication) but doesn't introduce new security capabilities or patch weaknesses.
Diff
diff --git a/macie/latest/user/findings-publish-frequency.md b/macie/latest/user/findings-publish-frequency.md index 381eeccf0..29191ec38 100644 --- a//macie/latest/user/findings-publish-frequency.md +++ b//macie/latest/user/findings-publish-frequency.md @@ -11 +11 @@ To support integration with other applications, services, and systems, Amazon Ma -You can configure Macie to automatically publish findings to AWS Security Hub too, using destination options that you specify in the publication settings for your account. With these options, you can configure Macie to publish only policy findings, only sensitive data findings, or both policy and sensitive data findings to Security Hub. You can also configure Macie to stop publishing any findings to Security Hub. For information about how you can use Security Hub to evaluate and process findings, see [Evaluating findings with AWS Security Hub](./securityhub-integration.html). +You can configure Macie to automatically publish findings to AWS Security Hub CSPM too, using destination options that you specify in the publication settings for your account. With these options, you can configure Macie to publish only policy findings, only sensitive data findings, or both policy and sensitive data findings to Security Hub CSPM. You can also configure Macie to stop publishing any findings to Security Hub CSPM. For information about how you can use Security Hub CSPM to evaluate and process findings, see [Evaluating findings with AWS Security Hub CSPM](./securityhub-integration.html). @@ -28 +28 @@ Note that Macie doesn't publish policy or sensitive data findings that are archi -You can configure Amazon Macie to automatically publish policy and sensitive data findings to AWS Security Hub in addition to Amazon EventBridge. By default, Macie publishes only new and updated policy findings to Security Hub. To change or extend the default configuration, adjust the publication destination settings for your account. +You can configure Amazon Macie to automatically publish policy and sensitive data findings to AWS Security Hub CSPM in addition to Amazon EventBridge. By default, Macie publishes only new and updated policy findings to Security Hub CSPM. To change or extend the default configuration, adjust the publication destination settings for your account. @@ -30 +30 @@ You can configure Amazon Macie to automatically publish policy and sensitive dat -When you adjust your destination settings, you choose the categories of findings that you want Macie to publish to Security Hub—only policy findings, only sensitive data findings, or both policy and sensitive data findings. You can also choose to stop publishing any category of finding to Security Hub. +When you adjust your destination settings, you choose the categories of findings that you want Macie to publish to Security Hub CSPM—only policy findings, only sensitive data findings, or both policy and sensitive data findings. You can also choose to stop publishing any category of finding to Security Hub CSPM. @@ -44 +44 @@ Follow these steps to change your destination settings by using the Amazon Macie - * **Publish policy findings to Security Hub** – Select this checkbox to start publishing new and updated policy findings to Security Hub automatically. To stop publishing new and updated policy findings to Security Hub, clear this checkbox. + * **Publish policy findings to Security Hub CSPM** – Select this checkbox to start publishing new and updated policy findings to Security Hub CSPM automatically. To stop publishing new and updated policy findings to Security Hub CSPM, clear this checkbox. @@ -46 +46 @@ Follow these steps to change your destination settings by using the Amazon Macie -If you select this checkbox and you have existing policy findings, Macie doesn't publish them to Security Hub. Instead, Macie publishes only those policy findings that it creates or updates after you save your change. +If you select this checkbox and you have existing policy findings, Macie doesn't publish them to Security Hub CSPM. Instead, Macie publishes only those policy findings that it creates or updates after you save your change. @@ -48 +48 @@ If you select this checkbox and you have existing policy findings, Macie doesn't - * **Publish sensitive data findings to Security Hub** – Select this checkbox to start publishing new sensitive data findings to Security Hub automatically. To stop publishing new sensitive data findings to Security Hub, clear this checkbox. + * **Publish sensitive data findings to Security Hub CSPM** – Select this checkbox to start publishing new sensitive data findings to Security Hub CSPM automatically. To stop publishing new sensitive data findings to Security Hub CSPM, clear this checkbox. @@ -50 +50 @@ If you select this checkbox and you have existing policy findings, Macie doesn't -If you select this checkbox and you have existing sensitive data findings, Macie doesn't publish them to Security Hub. Instead, Macie publishes only those sensitive data findings that it creates after you save your change. +If you select this checkbox and you have existing sensitive data findings, Macie doesn't publish them to Security Hub CSPM. Instead, Macie publishes only those sensitive data findings that it creates after you save your change. @@ -57 +57 @@ If you select this checkbox and you have existing sensitive data findings, Macie -If you chose to publish any category of finding to Security Hub, make sure that you also enable Security Hub in the current Region and configure it to accept findings from Macie. Otherwise, you won't be able to access the findings in Security Hub. To learn how to accept findings in Security Hub, see [Enabling and managing integrations](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-providers.html) in the _AWS Security Hub User Guide_. +If you chose to publish any category of finding to Security Hub CSPM, make sure that you also enable Security Hub CSPM in the current Region and configure it to accept findings from Macie. Otherwise, you won't be able to access the findings in Security Hub CSPM. To learn how to accept findings in Security Hub CSPM, see [Enabling and managing integrations](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-providers.html) in the _AWS Security Hub CSPM User Guide_. @@ -63 +63 @@ In Amazon Macie, each finding has a unique identifier. Macie uses this identifie - * **New findings** – When Macie creates a new policy or sensitive data finding, it assigns a unique identifier to the finding as part of processing the finding. Immediately after Macie finishes processing the finding, it publishes the finding to Amazon EventBridge as a new event. Depending on the publication settings for your account, Macie also publishes the finding as a new finding in AWS Security Hub. + * **New findings** – When Macie creates a new policy or sensitive data finding, it assigns a unique identifier to the finding as part of processing the finding. Immediately after Macie finishes processing the finding, it publishes the finding to Amazon EventBridge as a new event. Depending on the publication settings for your account, Macie also publishes the finding as a new finding in AWS Security Hub CSPM. @@ -65 +65 @@ In Amazon Macie, each finding has a unique identifier. Macie uses this identifie - * **Updated findings** – When Macie detects a subsequent occurrence of an existing policy finding, it updates the existing finding by adding details about the subsequent occurrence and incrementing the count of occurrences. Macie also publishes these updates to the existing EventBridge event and, depending on the publication settings for your account, the existing Security Hub finding. By default, Macie publishes updates every 15 minutes as part of a recurring publication cycle. This means any policy findings that are updated after the most recent publication cycle will be held, updated again as necessary, and included in the next publication cycle (approximately 15 minutes later). + * **Updated findings** – When Macie detects a subsequent occurrence of an existing policy finding, it updates the existing finding by adding details about the subsequent occurrence and incrementing the count of occurrences. Macie also publishes these updates to the existing EventBridge event and, depending on the publication settings for your account, the existing Security Hub CSPM finding. By default, Macie publishes updates every 15 minutes as part of a recurring publication cycle. This means any policy findings that are updated after the most recent publication cycle will be held, updated again as necessary, and included in the next publication cycle (approximately 15 minutes later).