AWS Security ChangesHomeSearch

AWS prescriptive-guidance documentation change

Service: prescriptive-guidance · 2025-12-10 · Documentation low

File: prescriptive-guidance/latest/ou-structure-landing-zone/phase-2.md

Summary

Added 'CSPM' to AWS Security Hub reference in security account context

Security assessment

Specifies CSPM usage in security architecture documentation, maintaining consistency with other updates but not indicating security issue resolution

Diff

diff --git a/prescriptive-guidance/latest/ou-structure-landing-zone/phase-2.md b/prescriptive-guidance/latest/ou-structure-landing-zone/phase-2.md
index 5f9f90302..c8528d237 100644
--- a//prescriptive-guidance/latest/ou-structure-landing-zone/phase-2.md
+++ b//prescriptive-guidance/latest/ou-structure-landing-zone/phase-2.md
@@ -38 +38 @@ The following diagram shows the OU architecture for phase 2.
-The Security OU contains AWS accounts related broadly to security functionality and uses two accounts (Audit and Log Archive) to store security operational data for central logging and auditing access to the environment. AWS core security services such as Amazon GuardDuty and AWS Security Hub reside in the audit account. This OU remains unchanged from the original design.
+The Security OU contains AWS accounts related broadly to security functionality and uses two accounts (Audit and Log Archive) to store security operational data for central logging and auditing access to the environment. AWS core security services such as Amazon GuardDuty and AWS Security Hub CSPM reside in the audit account. This OU remains unchanged from the original design.