AWS Security ChangesHomeSearch

AWS prescriptive-guidance documentation change

Service: prescriptive-guidance · 2025-12-10 · Documentation low

File: prescriptive-guidance/latest/vulnerability-management/manage-findings-in-security-hub.md

Summary

Updated documentation to specify 'Security Hub CSPM' instead of 'Security Hub' throughout the file, including event names and account references

Security assessment

The changes only refine terminology by adding 'CSPM' (Cloud Security Posture Management) to Security Hub references. There's no evidence of vulnerability fixes, security incidents, or new security features. This appears to be branding or product naming clarification without security implications.

Diff

diff --git a/prescriptive-guidance/latest/vulnerability-management/manage-findings-in-security-hub.md b/prescriptive-guidance/latest/vulnerability-management/manage-findings-in-security-hub.md
index ac8b5f188..aeb1dc9ce 100644
--- a//prescriptive-guidance/latest/vulnerability-management/manage-findings-in-security-hub.md
+++ b//prescriptive-guidance/latest/vulnerability-management/manage-findings-in-security-hub.md
@@ -5 +5 @@
-# Manage findings in Security Hub
+# Manage findings in Security Hub CSPM
@@ -7 +7 @@
-You can build a cloud-based notification system for Security Hub findings by using [Amazon EventBridge](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-what-is.html) rules and Amazon Simple Notification Service (Amazon SNS) topics. This system notifies the appropriate team about a finding when it is created. For this approach, the multi-account strategy described in [Develop an AWS account structure](./prepare-environment.html#account-structure) is critical because applications are separated into dedicated accounts. This helps you notify the correct teams for each finding.
+You can build a cloud-based notification system for Security Hub CSPM findings by using [Amazon EventBridge](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-what-is.html) rules and Amazon Simple Notification Service (Amazon SNS) topics. This system notifies the appropriate team about a finding when it is created. For this approach, the multi-account strategy described in [Develop an AWS account structure](./prepare-environment.html#account-structure) is critical because applications are separated into dedicated accounts. This helps you notify the correct teams for each finding.
@@ -9 +9 @@ You can build a cloud-based notification system for Security Hub findings by usi
-Security or cloud teams might choose to receive events from all AWS accounts. In this case, build an EventBridge rule within the Security Hub delegated administrator account and subscribe an Amazon SNS topic that notifies these teams. For application teams, configure an EventBridge rule and SNS topic within their respective application accounts. When a Security Hub finding occurs within an application account, the responsible team is notified about the finding.
+Security or cloud teams might choose to receive events from all AWS accounts. In this case, build an EventBridge rule within the Security Hub CSPM delegated administrator account and subscribe an Amazon SNS topic that notifies these teams. For application teams, configure an EventBridge rule and SNS topic within their respective application accounts. When a Security Hub CSPM finding occurs within an application account, the responsible team is notified about the finding.
@@ -11 +11 @@ Security or cloud teams might choose to receive events from all AWS accounts. In
-Security Hub already automatically sends all new findings and all updates to existing findings to EventBridge as **Security Hub Findings - Imported** events. Each **Security Hub Findings - Imported** event contains a single finding. You can apply filters on EventBridge rules so that a finding initiates the rule only if the finding matches the filters. For instructions, see [Configuring an EventBridge rule for automatically sent findings](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-cwe-all-findings.html). For more information about creating and subscribing Amazon SNS topics, see [Configuring Amazon SNS](https://docs.aws.amazon.com/sns/latest/dg/sns-configuring.html).
+Security Hub CSPM already automatically sends all new findings and all updates to existing findings to EventBridge as **Security Hub CSPM Findings - Imported** events. Each **Security Hub CSPM Findings - Imported** event contains a single finding. You can apply filters on EventBridge rules so that a finding initiates the rule only if the finding matches the filters. For instructions, see [Configuring an EventBridge rule for automatically sent findings](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-cwe-all-findings.html). For more information about creating and subscribing Amazon SNS topics, see [Configuring Amazon SNS](https://docs.aws.amazon.com/sns/latest/dg/sns-configuring.html).
@@ -17 +17 @@ Consider the following when using this approach:
-  * For security and cloud teams, create EventBridge rules in the Security Hub delegated administrator account. This notifies teams about all findings in the member accounts.
+  * For security and cloud teams, create EventBridge rules in the Security Hub CSPM delegated administrator account. This notifies teams about all findings in the member accounts.