AWS Security ChangesHomeSearch

AWS prescriptive-guidance documentation change

Service: prescriptive-guidance · 2025-12-10 · Documentation low

File: prescriptive-guidance/latest/aws-security-controls/faq.md

Summary

Replaced 'Security Hub' with 'Security Hub CSPM' in recommendation and documentation links

Security assessment

The update highlights CSPM as the recommended implementation path, enhancing guidance about security posture management. This is a documentation refinement rather than a response to a security issue.

Diff

diff --git a/prescriptive-guidance/latest/aws-security-controls/faq.md b/prescriptive-guidance/latest/aws-security-controls/faq.md
index 5c8eb8bba..29948fd35 100644
--- a//prescriptive-guidance/latest/aws-security-controls/faq.md
+++ b//prescriptive-guidance/latest/aws-security-controls/faq.md
@@ -11 +11 @@ What should I focus on if I have limited time and resources and can't implement
-We recommend implementing AWS Security Hub. Security Hub has a set of automated security controls called the [AWS Foundational Security Best Practices standard](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-fsbp.html) (Security Hub documentation). This is a highly curated set of security best practices managed by AWS security experts. You can run these standard controls either continuously, whenever there are changes to the associated resources, or periodically, on a regular schedule. Each control has a specific severity score to help you prioritize your remediation efforts. For more information, see [Running security checks](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-controls-finding-generation.html#securityhub-standards-results-severity) (Security Hub documentation). If you are using AWS Control Tower, you can also review and choose to enable its preventative, detective, and proactive [controls](https://docs.aws.amazon.com/controltower/latest/userguide/controls.html).
+We recommend implementing AWS Security Hub CSPM. Security Hub CSPM has a set of automated security controls called the [AWS Foundational Security Best Practices standard](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-fsbp.html) (Security Hub CSPM documentation). This is a highly curated set of security best practices managed by AWS security experts. You can run these standard controls either continuously, whenever there are changes to the associated resources, or periodically, on a regular schedule. Each control has a specific severity score to help you prioritize your remediation efforts. For more information, see [Running security checks](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-controls-finding-generation.html#securityhub-standards-results-severity) (Security Hub CSPM documentation). If you are using AWS Control Tower, you can also review and choose to enable its preventative, detective, and proactive [controls](https://docs.aws.amazon.com/controltower/latest/userguide/controls.html).