AWS Security ChangesHomeSearch

AWS wellarchitected documentation change

Service: wellarchitected · 2025-12-10 · Documentation low

File: wellarchitected/2024-06-27/framework/sec_detect_investigate_events_security_alerts.md

Summary

Replaced 'Security Hub' with 'Security Hub CSPM' in service references and blog titles to emphasize CSPM functionality in security alert management.

Security assessment

Terminology updates clarify the use of CSPM features but don't address security flaws or add new security documentation. Changes are editorial without security impact.

Diff

diff --git a/wellarchitected/2024-06-27/framework/sec_detect_investigate_events_security_alerts.md b/wellarchitected/2024-06-27/framework/sec_detect_investigate_events_security_alerts.md
index bf553f54d..74986df55 100644
--- a//wellarchitected/2024-06-27/framework/sec_detect_investigate_events_security_alerts.md
+++ b//wellarchitected/2024-06-27/framework/sec_detect_investigate_events_security_alerts.md
@@ -32 +32 @@ Security alerts can come from many different sources within AWS, including:
-  * Services such as [Amazon GuardDuty](https://aws.amazon.com/guardduty/), [AWS Security Hub](https://aws.amazon.com/security-hub/), [Amazon Macie](https://aws.amazon.com/macie/), [Amazon Inspector](https://aws.amazon.com/inspector/), [AWS Config](https://aws.amazon.com/config/), [AWS Identity and Access Management Access Analyzer](https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html), and [Network Access Analyzer](https://docs.aws.amazon.com/vpc/latest/network-access-analyzer/what-is-vaa.html)
+  * Services such as [Amazon GuardDuty](https://aws.amazon.com/guardduty/), [AWS Security Hub CSPM](https://aws.amazon.com/security-hub/), [Amazon Macie](https://aws.amazon.com/macie/), [Amazon Inspector](https://aws.amazon.com/inspector/), [AWS Config](https://aws.amazon.com/config/), [AWS Identity and Access Management Access Analyzer](https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html), and [Network Access Analyzer](https://docs.aws.amazon.com/vpc/latest/network-access-analyzer/what-is-vaa.html)
@@ -55 +55 @@ While the initial criticality of an alert is an aid for prioritization, the cont
-  2. Establish a mechanism for capturing alerts from different sources. Consider services such as Security Hub, EventBridge, and CloudWatch for this purpose. 
+  2. Establish a mechanism for capturing alerts from different sources. Consider services such as Security Hub CSPM, EventBridge, and CloudWatch for this purpose. 
@@ -90 +90 @@ While the initial criticality of an alert is an aid for prioritization, the cont
-  * [How to enrich AWS Security Hub findings with account metadata](https://aws.amazon.com/blogs/security/how-to-enrich-aws-security-hub-findings-with-account-metadata/)
+  * [How to enrich AWS Security Hub CSPM findings with account metadata](https://aws.amazon.com/blogs/security/how-to-enrich-aws-security-hub-findings-with-account-metadata/)
@@ -92 +92 @@ While the initial criticality of an alert is an aid for prioritization, the cont
-  * [How to use AWS Security Hub and Amazon OpenSearch Service for SIEM](https://aws.amazon.com/blogs/security/how-to-use-aws-security-hub-and-amazon-opensearch-service-for-siem/)
+  * [How to use AWS Security Hub CSPM and Amazon OpenSearch Service for SIEM](https://aws.amazon.com/blogs/security/how-to-use-aws-security-hub-and-amazon-opensearch-service-for-siem/)