AWS Security ChangesHomeSearch

AWS wellarchitected documentation change

Service: wellarchitected · 2025-12-10 · Documentation low

File: wellarchitected/2023-04-10/framework/sec_detect_investigate_events_analyze_all.md

Summary

Replaced all 'AWS Security Hub' references with 'AWS Security Hub CSPM' and updated service description

Security assessment

The changes consistently update terminology to include CSPM but don't address security vulnerabilities. The modifications maintain existing security documentation without adding new security features or addressing incidents.

Diff

diff --git a/wellarchitected/2023-04-10/framework/sec_detect_investigate_events_analyze_all.md b/wellarchitected/2023-04-10/framework/sec_detect_investigate_events_analyze_all.md
index 09a052b82..d42ab7bbf 100644
--- a//wellarchitected/2023-04-10/framework/sec_detect_investigate_events_analyze_all.md
+++ b//wellarchitected/2023-04-10/framework/sec_detect_investigate_events_analyze_all.md
@@ -15 +15 @@ This best practice applies not only to security events generated from log messag
-Amazon GuardDuty and AWS Security Hub provide aggregation, deduplication, and analysis mechanisms for log records that are also made available to you via other AWS services. GuardDuty ingests, aggregates, and analyzes information from sources such as AWS CloudTrail management and data events, VPC DNS logs, and VPC Flow Logs. Security Hub can ingest, aggregate, and analyze output from GuardDuty, AWS Config, Amazon Inspector, Amazon Macie, AWS Firewall Manager, and a significant number of third-party security products available in the AWS Marketplace, and if built accordingly, your own code. Both GuardDuty and Security Hub have an Administrator-Member model that can aggregate findings and insights across multiple accounts, and Security Hub is often used by customers who have an on- premises SIEM as an AWS-side log and alert preprocessor and aggregator from which they can then ingest Amazon EventBridge through a AWS Lambda-based processor and forwarder.
+Amazon GuardDuty and AWS Security Hub CSPM provide aggregation, deduplication, and analysis mechanisms for log records that are also made available to you via other AWS services. GuardDuty ingests, aggregates, and analyzes information from sources such as AWS CloudTrail management and data events, VPC DNS logs, and VPC Flow Logs. Security Hub CSPM can ingest, aggregate, and analyze output from GuardDuty, AWS Config, Amazon Inspector, Amazon Macie, AWS Firewall Manager, and a significant number of third-party security products available in the AWS Marketplace, and if built accordingly, your own code. Both GuardDuty and Security Hub CSPM have an Administrator-Member model that can aggregate findings and insights across multiple accounts, and Security Hub CSPM is often used by customers who have an on- premises SIEM as an AWS-side log and alert preprocessor and aggregator from which they can then ingest Amazon EventBridge through a AWS Lambda-based processor and forwarder.
@@ -46 +46 @@ Amazon GuardDuty and AWS Security Hub provide aggregation, deduplication, and an
-  * [AWS Security Hub](https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html)
+  * [AWS Security Hub CSPM](https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html)
@@ -63 +63 @@ Amazon GuardDuty and AWS Security Hub provide aggregation, deduplication, and an
-  * [Remediating Amazon GuardDuty and AWS Security Hub Findings ](https://youtu.be/nyh4imv8zuk)
+  * [Remediating Amazon GuardDuty and AWS Security Hub CSPM Findings ](https://youtu.be/nyh4imv8zuk)
@@ -65 +65 @@ Amazon GuardDuty and AWS Security Hub provide aggregation, deduplication, and an
-  * [ Threat management in the cloud: Amazon GuardDuty and AWS Security Hub](https://youtu.be/vhYsm5gq9jE)
+  * [ Threat management in the cloud: Amazon GuardDuty and AWS Security Hub CSPM](https://youtu.be/vhYsm5gq9jE)