AWS prescriptive-guidance documentation change
Summary
Changed 'Security Hub' to 'Security Hub CSPM' in central logging context
Security assessment
Specifies CSPM component for centralized management without addressing vulnerabilities. Improves accuracy of security monitoring documentation.
Diff
diff --git a/prescriptive-guidance/latest/essential-eight-maturity/application-control.md b/prescriptive-guidance/latest/essential-eight-maturity/application-control.md index ead88090e..9d04077b0 100644 --- a//prescriptive-guidance/latest/essential-eight-maturity/application-control.md +++ b//prescriptive-guidance/latest/essential-eight-maturity/application-control.md @@ -20 +20 @@ Allowed and blocked executions on workstations and servers are centrally logged -[Theme 7: Centralise logging and monitoring](./theme-7.html): Centralise logs | [Receive CloudTrail logs from multiple accounts](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-receive-logs-from-multiple-accounts.html)[Send logs to a log archive account](https://docs.aws.amazon.com/whitepapers/latest/organizing-your-aws-environment/security-ou-and-accounts.html#log-archive-account)[Centralise CloudWatch Logs in an account for auditing and analysis](https://aws.amazon.com/blogs/architecture/stream-amazon-cloudwatch-logs-to-a-centralized-account-for-audit-and-analysis/) (AWS blog post)[Centralize management of Amazon Inspector](https://docs.aws.amazon.com/inspector/latest/user/managing-multiple-accounts.html)[Create an organisation-wide aggregator in AWS Config](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-trail-organization.html) (AWS blog post)[Centralise management of Security Hub](https://docs.aws.amazon.com/securityhub/latest/userguide/designate-orgs-admin-account.html)[Centralise management of GuardDuty](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_organizations.html)[Consider using Amazon Security Lake](https://docs.aws.amazon.com/security-lake/latest/userguide/what-is-security-lake.html) | [SEC04-BP02 Capture logs, findings, and metrics in standardized locations](https://docs.aws.amazon.com/wellarchitected/latest/security-pillar/sec_detect_investigate_events_logs.html) +[Theme 7: Centralise logging and monitoring](./theme-7.html): Centralise logs | [Receive CloudTrail logs from multiple accounts](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-receive-logs-from-multiple-accounts.html)[Send logs to a log archive account](https://docs.aws.amazon.com/whitepapers/latest/organizing-your-aws-environment/security-ou-and-accounts.html#log-archive-account)[Centralise CloudWatch Logs in an account for auditing and analysis](https://aws.amazon.com/blogs/architecture/stream-amazon-cloudwatch-logs-to-a-centralized-account-for-audit-and-analysis/) (AWS blog post)[Centralize management of Amazon Inspector](https://docs.aws.amazon.com/inspector/latest/user/managing-multiple-accounts.html)[Create an organisation-wide aggregator in AWS Config](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-trail-organization.html) (AWS blog post)[Centralise management of Security Hub CSPM](https://docs.aws.amazon.com/securityhub/latest/userguide/designate-orgs-admin-account.html)[Centralise management of GuardDuty](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_organizations.html)[Consider using Amazon Security Lake](https://docs.aws.amazon.com/security-lake/latest/userguide/what-is-security-lake.html) | [SEC04-BP02 Capture logs, findings, and metrics in standardized locations](https://docs.aws.amazon.com/wellarchitected/latest/security-pillar/sec_detect_investigate_events_logs.html)