AWS wellarchitected documentation change
Summary
Added CSPM (Cloud Security Posture Management) specification to Security Hub integrations for Check Point, Kion, and Palo Alto partners
Security assessment
The change clarifies that integrations use AWS Security Hub's CSPM capabilities for posture management. While CSPM relates to security posture monitoring, there's no evidence this addresses a specific vulnerability or incident - rather enhances documentation specificity about existing security features.
Diff
diff --git a/wellarchitected/latest/management-and-governance-guide/integrated-controls-and-guardrails-partners.md b/wellarchitected/latest/management-and-governance-guide/integrated-controls-and-guardrails-partners.md index c0e224d1d..07a19e2a9 100644 --- a//wellarchitected/latest/management-and-governance-guide/integrated-controls-and-guardrails-partners.md +++ b//wellarchitected/latest/management-and-governance-guide/integrated-controls-and-guardrails-partners.md @@ -26 +26 @@ The following controls partners have built integrations with AWS services, and a -[Check Point CloudGuard](https://aws.amazon.com/marketplace/solutions/control-tower/operational-intelligence/#CloudGuard) is a comprehensive cloud native security platform for visibility, workload protection, and posture management of cloud workloads and services. CloudGuard provides visualization of cloud assets, including network topology, and firewalls; comprehensive compliance management including automated continuous compliance to help assess and enforce regulatory requirements and security best practices; open-source auto-remediation to accelerate the resolution of dangerous misconfigurations and enforce compliance; automated reversion of unauthorized modifications to cloud accounts; and just-in-time privileged elevation with out-of-band authorization for IAM actions. Checkpoint findings are also integrated to AWS Security Hub. +[Check Point CloudGuard](https://aws.amazon.com/marketplace/solutions/control-tower/operational-intelligence/#CloudGuard) is a comprehensive cloud native security platform for visibility, workload protection, and posture management of cloud workloads and services. CloudGuard provides visualization of cloud assets, including network topology, and firewalls; comprehensive compliance management including automated continuous compliance to help assess and enforce regulatory requirements and security best practices; open-source auto-remediation to accelerate the resolution of dangerous misconfigurations and enforce compliance; automated reversion of unauthorized modifications to cloud accounts; and just-in-time privileged elevation with out-of-band authorization for IAM actions. Checkpoint findings are also integrated to AWS Security Hub CSPM. @@ -34 +34 @@ The following controls partners have built integrations with AWS services, and a -[Kion](https://aws.amazon.com/marketplace/solutions/control-tower/cost-management-and-governance/#cloudtamer.io) is a comprehensive enablement software solution that delivers visibility and control of cloud workloads. [Kion](https://aws.amazon.com/marketplace/solutions/control-tower/cost-management-and-governance/#cloudtamer.io) provides out-of-the box compliance checks to help enterprises auto-align with established standards like NIST and CIS, and delivers the flexibility to create custom checks. Auto-remediation and integrations with AWS Security Hub are also available. [Kion](https://aws.amazon.com/marketplace/solutions/control-tower/cost-management-and-governance/#cloudtamer.io) allows enterprises to manage their cloud presence at scale with automation and orchestration, financial management, and continuous compliance. +[Kion](https://aws.amazon.com/marketplace/solutions/control-tower/cost-management-and-governance/#cloudtamer.io) is a comprehensive enablement software solution that delivers visibility and control of cloud workloads. [Kion](https://aws.amazon.com/marketplace/solutions/control-tower/cost-management-and-governance/#cloudtamer.io) provides out-of-the box compliance checks to help enterprises auto-align with established standards like NIST and CIS, and delivers the flexibility to create custom checks. Auto-remediation and integrations with AWS Security Hub CSPM are also available. [Kion](https://aws.amazon.com/marketplace/solutions/control-tower/cost-management-and-governance/#cloudtamer.io) allows enterprises to manage their cloud presence at scale with automation and orchestration, financial management, and continuous compliance. @@ -36 +36 @@ The following controls partners have built integrations with AWS services, and a -[Palo Alto Networks Prisma Cloud](https://aws.amazon.com/marketplace/solutions/control-tower/security/#Palo_Alto) unifies Cloud Security Posture Management (CSPM) and workload protection (CWPP) into a single cloud native security platform. Continually monitor your environments and immediately enforce governance with hundreds of pre-built policies. Prisma Cloud ingests AWS APIs and sources threat intelligence from over 30 feeds to provide comprehensive visibility. Risk-ranked alerts prevent remediation fatigue and one-click compliance reporting helps ease auditing across even the most complex distributed environments. Prisma findings are also integrated to AWS Security Hub. +[Palo Alto Networks Prisma Cloud](https://aws.amazon.com/marketplace/solutions/control-tower/security/#Palo_Alto) unifies Cloud Security Posture Management (CSPM) and workload protection (CWPP) into a single cloud native security platform. Continually monitor your environments and immediately enforce governance with hundreds of pre-built policies. Prisma Cloud ingests AWS APIs and sources threat intelligence from over 30 feeds to provide comprehensive visibility. Risk-ranked alerts prevent remediation fatigue and one-click compliance reporting helps ease auditing across even the most complex distributed environments. Prisma findings are also integrated to AWS Security Hub CSPM.