AWS Security ChangesHomeSearch

AWS prescriptive-guidance documentation change

Service: prescriptive-guidance · 2025-12-10 · Documentation low

File: prescriptive-guidance/latest/migration-operations-integration/aws-services-for-automation.md

Summary

Updated all references to AWS Security Hub to specify 'AWS Security Hub CSPM' across security management, compliance, and AI/ML operations sections

Security assessment

Consistently adds CSPM specification to security service references, enhancing documentation of security posture management features without evidence of security issue remediation.

Diff

diff --git a/prescriptive-guidance/latest/migration-operations-integration/aws-services-for-automation.md b/prescriptive-guidance/latest/migration-operations-integration/aws-services-for-automation.md
index 8d142d24a..ba9661a06 100644
--- a//prescriptive-guidance/latest/migration-operations-integration/aws-services-for-automation.md
+++ b//prescriptive-guidance/latest/migration-operations-integration/aws-services-for-automation.md
@@ -26,2 +26,2 @@ Identity and access management | Least privilege implementation through [AWS Ide
-Security management | Security controls and incident response by using [AWS Security Hub](https://aws.amazon.com/security-hub/), [Amazon GuardDuty](https://aws.amazon.com/guardduty/), [Amazon Detective](https://aws.amazon.com/detective/), [Amazon Inspector](https://aws.amazon.com/inspector/), [Amazon Macie](https://aws.amazon.com/macie/), [AWS WAF](https://aws.amazon.com/waf/), [AWS Shield](https://aws.amazon.com/shield/), and [AWS Network Firewall](https://aws.amazon.com/network-firewall/), specified by the security worksteam with automated security assessments and remediation capabilities. For example, see the guide [Automated patching for mutable instances in the hybrid cloud using AWS Systems Manager](https://docs.aws.amazon.com/prescriptive-guidance/latest/patch-management-hybrid-cloud/) on the AWS Prescriptive Guidance website.  
-Compliance and risk management | Regulatory compliance, automated auditing, and continuous risk assessment by using [AWS Artifact](https://aws.amazon.com/artifact/), [AWS Config](https://aws.amazon.com/config/), [AWS Audit Manager](https://aws.amazon.com/audit-manager/), [AWS Security Hub](https://aws.amazon.com/security-hub/), and [AWS Control Tower](https://aws.amazon.com/controltower/).  
+Security management | Security controls and incident response by using [AWS Security Hub CSPM](https://aws.amazon.com/security-hub/), [Amazon GuardDuty](https://aws.amazon.com/guardduty/), [Amazon Detective](https://aws.amazon.com/detective/), [Amazon Inspector](https://aws.amazon.com/inspector/), [Amazon Macie](https://aws.amazon.com/macie/), [AWS WAF](https://aws.amazon.com/waf/), [AWS Shield](https://aws.amazon.com/shield/), and [AWS Network Firewall](https://aws.amazon.com/network-firewall/), specified by the security worksteam with automated security assessments and remediation capabilities. For example, see the guide [Automated patching for mutable instances in the hybrid cloud using AWS Systems Manager](https://docs.aws.amazon.com/prescriptive-guidance/latest/patch-management-hybrid-cloud/) on the AWS Prescriptive Guidance website.  
+Compliance and risk management | Regulatory compliance, automated auditing, and continuous risk assessment by using [AWS Artifact](https://aws.amazon.com/artifact/), [AWS Config](https://aws.amazon.com/config/), [AWS Audit Manager](https://aws.amazon.com/audit-manager/), [AWS Security Hub CSPM](https://aws.amazon.com/security-hub/), and [AWS Control Tower](https://aws.amazon.com/controltower/).  
@@ -48 +48 @@ Application lifecycle management | Software development lifecycle, people, proce
-AI/ML operations | Enhanced operational capabilities with [CloudWatch anomaly detection](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Anomaly_Detection.html), [CloudWatch investigations](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Investigations.html), and [Amazon DevOps Guru](https://docs.aws.amazon.com/devops-guru/latest/userguide/welcome.html) for predictive monitoring and issue detection; [AWS Security Hub](https://aws.amazon.com/security-hub/), [Amazon GuardDuty](https://aws.amazon.com/guardduty/), and [Amazon Detective](https://aws.amazon.com/detective/) for ML-powered threat detection and investigation; and AI-driven [document processing](https://aws.amazon.com/ai/generative-ai/use-cases/document-processing/) and [architecture visualization](https://aws.amazon.com/blogs/machine-learning/build-aws-architecture-diagrams-using-amazon-q-cli-and-mcp/) solutions to streamline operations and improve incident response.  
+AI/ML operations | Enhanced operational capabilities with [CloudWatch anomaly detection](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Anomaly_Detection.html), [CloudWatch investigations](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Investigations.html), and [Amazon DevOps Guru](https://docs.aws.amazon.com/devops-guru/latest/userguide/welcome.html) for predictive monitoring and issue detection; [AWS Security Hub CSPM](https://aws.amazon.com/security-hub/), [Amazon GuardDuty](https://aws.amazon.com/guardduty/), and [Amazon Detective](https://aws.amazon.com/detective/) for ML-powered threat detection and investigation; and AI-driven [document processing](https://aws.amazon.com/ai/generative-ai/use-cases/document-processing/) and [architecture visualization](https://aws.amazon.com/blogs/machine-learning/build-aws-architecture-diagrams-using-amazon-q-cli-and-mcp/) solutions to streamline operations and improve incident response.