AWS securityhub documentation change
Summary
Updated branding from 'Security Hub' to 'Security Hub CSPM' throughout the document, including control descriptions and parameter tables.
Security assessment
Changes are purely terminological updates replacing 'Security Hub' with 'Security Hub CSPM'. No security vulnerabilities, weaknesses, or incidents are addressed. The security controls themselves remain unchanged.
Diff
diff --git a/securityhub/latest/userguide/apigateway-controls.md b/securityhub/latest/userguide/apigateway-controls.md index b7cf7b5bd..a0e4e4247 100644 --- a//securityhub/latest/userguide/apigateway-controls.md +++ b//securityhub/latest/userguide/apigateway-controls.md @@ -7 +7 @@ -# Security Hub controls for Amazon API Gateway +# Security Hub CSPM controls for Amazon API Gateway @@ -9 +9 @@ -These AWS Security Hub controls evaluate the Amazon API Gateway service and resources. The controls might not be available in all AWS Regions. For more information, see [Availability of controls by Region](./securityhub-regions.html#securityhub-regions-control-support). +These AWS Security Hub CSPM controls evaluate the Amazon API Gateway service and resources. The controls might not be available in all AWS Regions. For more information, see [Availability of controls by Region](./securityhub-regions.html#securityhub-regions-control-support). @@ -27 +27 @@ These AWS Security Hub controls evaluate the Amazon API Gateway service and reso -Parameter | Description | Type | Allowed custom values | Security Hub default value +Parameter | Description | Type | Allowed custom values | Security Hub CSPM default value @@ -31 +31 @@ Parameter | Description | Type | Allowed custom values | Security Hub default va -This control checks whether all stages of an Amazon API Gateway REST or WebSocket API have logging enabled. The control fails if the `loggingLevel` isn't `ERROR` or `INFO` for all stages of the API. Unless you provide custom parameter values to indicate that a specific log type should be enabled, Security Hub produces a passed finding if the logging level is either `ERROR` or `INFO`. +This control checks whether all stages of an Amazon API Gateway REST or WebSocket API have logging enabled. The control fails if the `loggingLevel` isn't `ERROR` or `INFO` for all stages of the API. Unless you provide custom parameter values to indicate that a specific log type should be enabled, Security Hub CSPM produces a passed finding if the logging level is either `ERROR` or `INFO`. @@ -121 +121 @@ For information on how to use the API Gateway console to associate an AWS WAF Re -**AWS Config rule:** `api-gw-cache-encrypted` (custom Security Hub rule) +**AWS Config rule:** `api-gw-cache-encrypted` (custom Security Hub CSPM rule) @@ -127 +127 @@ For information on how to use the API Gateway console to associate an AWS WAF Re -This control checks whether all methods in API Gateway REST API stages that have cache enabled are encrypted. The control fails if any method in an API Gateway REST API stage is configured to cache and the cache is not encrypted. Security Hub evaluates the encryption of a particular method only when caching is enabled for that method. +This control checks whether all methods in API Gateway REST API stages that have cache enabled are encrypted. The control fails if any method in an API Gateway REST API stage is configured to cache and the cache is not encrypted. Security Hub CSPM evaluates the encryption of a particular method only when caching is enabled for that method. @@ -153 +153 @@ To configure API caching for a stage, see [Enable Amazon API Gateway caching](ht -Parameter | Description | Type | Allowed custom values | Security Hub default value +Parameter | Description | Type | Allowed custom values | Security Hub CSPM default value