AWS Security ChangesHomeSearch

AWS wellarchitected documentation change

Service: wellarchitected · 2025-12-10 · Documentation low

File: wellarchitected/2025-02-25/framework/sec_detect_investigate_events_security_alerts.md

Summary

Updated Security Hub references to Security Hub CSPM in alert management documentation

Security assessment

Emphasizes CSPM capabilities in security alert handling processes. While improves documentation clarity about security features, no indication of patching a security issue.

Diff

diff --git a/wellarchitected/2025-02-25/framework/sec_detect_investigate_events_security_alerts.md b/wellarchitected/2025-02-25/framework/sec_detect_investigate_events_security_alerts.md
index 2748fe008..eba336e31 100644
--- a//wellarchitected/2025-02-25/framework/sec_detect_investigate_events_security_alerts.md
+++ b//wellarchitected/2025-02-25/framework/sec_detect_investigate_events_security_alerts.md
@@ -32 +32 @@ Security alerts can come from many different sources within AWS, including:
-  * Services such as [Amazon GuardDuty](https://aws.amazon.com/guardduty/), [AWS Security Hub](https://aws.amazon.com/security-hub/), [Amazon Macie](https://aws.amazon.com/macie/), [Amazon Inspector](https://aws.amazon.com/inspector/), [AWS Config](https://aws.amazon.com/config/), [AWS Identity and Access Management Access Analyzer](https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html), and [Network Access Analyzer](https://docs.aws.amazon.com/vpc/latest/network-access-analyzer/what-is-vaa.html)
+  * Services such as [Amazon GuardDuty](https://aws.amazon.com/guardduty/), [AWS Security Hub CSPM](https://aws.amazon.com/security-hub/), [Amazon Macie](https://aws.amazon.com/macie/), [Amazon Inspector](https://aws.amazon.com/inspector/), [AWS Config](https://aws.amazon.com/config/), [AWS Identity and Access Management Access Analyzer](https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html), and [Network Access Analyzer](https://docs.aws.amazon.com/vpc/latest/network-access-analyzer/what-is-vaa.html)
@@ -55 +55 @@ While the initial criticality of an alert is an aid for prioritization, the cont
-  2. Establish a mechanism for capturing alerts from different sources. Consider services such as Security Hub, EventBridge, and CloudWatch for this purpose. 
+  2. Establish a mechanism for capturing alerts from different sources. Consider services such as Security Hub CSPM, EventBridge, and CloudWatch for this purpose. 
@@ -90 +90 @@ While the initial criticality of an alert is an aid for prioritization, the cont
-  * [How to enrich AWS Security Hub findings with account metadata](https://aws.amazon.com/blogs/security/how-to-enrich-aws-security-hub-findings-with-account-metadata/)
+  * [How to enrich AWS Security Hub CSPM findings with account metadata](https://aws.amazon.com/blogs/security/how-to-enrich-aws-security-hub-findings-with-account-metadata/)