AWS wellarchitected documentation change
Summary
Replaced 'AWS Security Hub' with 'AWS Security Hub CSPM' in alert sources and updated a blog reference to include CSPM.
Security assessment
Changes solely update service nomenclature to 'CSPM' without modifying security guidance or addressing vulnerabilities. No security implications beyond terminology refinement.
Diff
diff --git a/wellarchitected/latest/framework/sec_detect_investigate_events_security_alerts.md b/wellarchitected/latest/framework/sec_detect_investigate_events_security_alerts.md index f9dc3c6dd..ba1b87150 100644 --- a//wellarchitected/latest/framework/sec_detect_investigate_events_security_alerts.md +++ b//wellarchitected/latest/framework/sec_detect_investigate_events_security_alerts.md @@ -32 +32 @@ Security alerts can come from many different sources within AWS, including: - * Services such as [Amazon GuardDuty](https://aws.amazon.com/guardduty/), [AWS Security Hub](https://aws.amazon.com/security-hub/), [Amazon Macie](https://aws.amazon.com/macie/), [Amazon Inspector](https://aws.amazon.com/inspector/), [AWS Config](https://aws.amazon.com/config/), [AWS Identity and Access Management Access Analyzer](https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html), and [Network Access Analyzer](https://docs.aws.amazon.com/vpc/latest/network-access-analyzer/what-is-vaa.html) + * Services such as [Amazon GuardDuty](https://aws.amazon.com/guardduty/), [AWS Security Hub CSPM](https://aws.amazon.com/security-hub/), [Amazon Macie](https://aws.amazon.com/macie/), [Amazon Inspector](https://aws.amazon.com/inspector/), [AWS Config](https://aws.amazon.com/config/), [AWS Identity and Access Management Access Analyzer](https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html), and [Network Access Analyzer](https://docs.aws.amazon.com/vpc/latest/network-access-analyzer/what-is-vaa.html) @@ -55 +55 @@ While the initial criticality of an alert is an aid for prioritization, the cont - 2. Establish a mechanism for capturing alerts from different sources. Consider services such as Security Hub, EventBridge, and CloudWatch for this purpose. + 2. Establish a mechanism for capturing alerts from different sources. Consider services such as Security Hub CSPM, EventBridge, and CloudWatch for this purpose. @@ -90 +90 @@ While the initial criticality of an alert is an aid for prioritization, the cont - * [How to enrich AWS Security Hub findings with account metadata](https://aws.amazon.com/blogs/security/how-to-enrich-aws-security-hub-findings-with-account-metadata/) + * [How to enrich AWS Security Hub CSPM findings with account metadata](https://aws.amazon.com/blogs/security/how-to-enrich-aws-security-hub-findings-with-account-metadata/)