AWS securityhub documentation change
Summary
Updated terminology from 'Security Hub' to 'Security Hub CSPM' throughout the document, including control references and default value labels
Security assessment
Changes are purely terminological updates (adding 'CSPM' branding) without addressing vulnerabilities, weaknesses, or incidents. No security implications identified as functionality remains unchanged.
Diff
diff --git a/securityhub/latest/userguide/config-controls.md b/securityhub/latest/userguide/config-controls.md index fc4f4f9b3..a83f3da09 100644 --- a//securityhub/latest/userguide/config-controls.md +++ b//securityhub/latest/userguide/config-controls.md @@ -7 +7 @@ -# Security Hub controls for AWS Config +# Security Hub CSPM controls for AWS Config @@ -9 +9 @@ -These Security Hub controls evaluate the AWS Config service and resources. +These Security Hub CSPM controls evaluate the AWS Config service and resources. @@ -23 +23 @@ These controls may not be available in all AWS Regions. For more information, se -**AWS Config rule:** None (custom Security Hub rule) +**AWS Config rule:** None (custom Security Hub CSPM rule) @@ -29 +29 @@ These controls may not be available in all AWS Regions. For more information, se -Parameter | Description | Type | Allowed custom values | Security Hub default value +Parameter | Description | Type | Allowed custom values | Security Hub CSPM default value @@ -50 +50 @@ Control results aren't impacted by whether you choose daily or continuous record -Security Hub security checks work as intended only if you enable AWS Config in all Regions and configure resource recording for controls that require it. +Security Hub CSPM security checks work as intended only if you enable AWS Config in all Regions and configure resource recording for controls that require it. @@ -54 +54 @@ Security Hub security checks work as intended only if you enable AWS Config in a -Config.1 requires that AWS Config is enabled in all Regions in which you use Security Hub. +Config.1 requires that AWS Config is enabled in all Regions in which you use Security Hub CSPM. @@ -56 +56 @@ Config.1 requires that AWS Config is enabled in all Regions in which you use Sec -Since Security Hub is a Regional service, the check performed for this control evaluates only the current Region for the account. +Since Security Hub CSPM is a Regional service, the check performed for this control evaluates only the current Region for the account. @@ -60 +60 @@ To allow security checks against IAM global resources in a Region, you must reco -The IAM globally recorded resource types that AWS Config supports are IAM users, groups, roles, and customer managed policies. You can consider disabling Security Hub controls that check these resource types in Regions where global resource recording is turned off. For more information, see [Suggested controls to disable in Security Hub CSPM](./controls-to-disable.html). +The IAM globally recorded resource types that AWS Config supports are IAM users, groups, roles, and customer managed policies. You can consider disabling Security Hub CSPM controls that check these resource types in Regions where global resource recording is turned off. For more information, see [Suggested controls to disable in Security Hub CSPM](./controls-to-disable.html).