AWS prescriptive-guidance documentation change
Summary
Updated Security Hub reference to 'Security Hub CSPM' in centralized logging section
Security assessment
The change adds specificity about Security Hub's Cloud Security Posture Management (CSPM) capabilities but does not address a specific security vulnerability. It enhances documentation about existing security features.
Diff
diff --git a/prescriptive-guidance/latest/essential-eight-maturity/multi-factor-authentication.md b/prescriptive-guidance/latest/essential-eight-maturity/multi-factor-authentication.md index f0992295b..e46e894aa 100644 --- a//prescriptive-guidance/latest/essential-eight-maturity/multi-factor-authentication.md +++ b//prescriptive-guidance/latest/essential-eight-maturity/multi-factor-authentication.md @@ -18 +18 @@ Multi-factor authentication is verifier impersonation resistant and uses either: -Successful and unsuccessful multi-factor authentications are centrally logged and protected from unauthorised modification and deletion, monitored for signs of compromise, and actioned when cyber security events are detected. | [Theme 7: Centralise logging and monitoring](./theme-7.html): Enable logging[Theme 7: Centralise logging and monitoring](./theme-7.html): Centralise logs | [Centralise CloudWatch Logs in an account for auditing and analysis](https://aws.amazon.com/blogs/architecture/stream-amazon-cloudwatch-logs-to-a-centralized-account-for-audit-and-analysis/) (AWS blog post)[Centralize management of Amazon Inspector](https://docs.aws.amazon.com/inspector/latest/user/managing-multiple-accounts.html)[Centralise management of Security Hub](https://docs.aws.amazon.com/securityhub/latest/userguide/designate-orgs-admin-account.html)[Create an organisation-wide aggregator in AWS Config](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-trail-organization.html) (AWS blog post)[Centralise management of GuardDuty](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_organizations.html)[Consider using Security Lake](https://docs.aws.amazon.com/security-lake/latest/userguide/what-is-security-lake.html)[Receive CloudTrail logs from multiple accounts](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-receive-logs-from-multiple-accounts.html)[Send logs to a log archive account](https://docs.aws.amazon.com/whitepapers/latest/organizing-your-aws-environment/security-ou-and-accounts.html#log-archive-account) | [SEC04-BP01 Configure service and application logging](https://docs.aws.amazon.com/wellarchitected/latest/security-pillar/sec_detect_investigate_events_app_service_logging.html)[SEC04-BP02 Capture logs, findings, and metrics in standardized locations](https://docs.aws.amazon.com/wellarchitected/latest/security-pillar/sec_detect_investigate_events_logs.html) +Successful and unsuccessful multi-factor authentications are centrally logged and protected from unauthorised modification and deletion, monitored for signs of compromise, and actioned when cyber security events are detected. | [Theme 7: Centralise logging and monitoring](./theme-7.html): Enable logging[Theme 7: Centralise logging and monitoring](./theme-7.html): Centralise logs | [Centralise CloudWatch Logs in an account for auditing and analysis](https://aws.amazon.com/blogs/architecture/stream-amazon-cloudwatch-logs-to-a-centralized-account-for-audit-and-analysis/) (AWS blog post)[Centralize management of Amazon Inspector](https://docs.aws.amazon.com/inspector/latest/user/managing-multiple-accounts.html)[Centralise management of Security Hub CSPM](https://docs.aws.amazon.com/securityhub/latest/userguide/designate-orgs-admin-account.html)[Create an organisation-wide aggregator in AWS Config](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-trail-organization.html) (AWS blog post)[Centralise management of GuardDuty](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_organizations.html)[Consider using Security Lake](https://docs.aws.amazon.com/security-lake/latest/userguide/what-is-security-lake.html)[Receive CloudTrail logs from multiple accounts](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-receive-logs-from-multiple-accounts.html)[Send logs to a log archive account](https://docs.aws.amazon.com/whitepapers/latest/organizing-your-aws-environment/security-ou-and-accounts.html#log-archive-account) | [SEC04-BP01 Configure service and application logging](https://docs.aws.amazon.com/wellarchitected/latest/security-pillar/sec_detect_investigate_events_app_service_logging.html)[SEC04-BP02 Capture logs, findings, and metrics in standardized locations](https://docs.aws.amazon.com/wellarchitected/latest/security-pillar/sec_detect_investigate_events_logs.html)