AWS Security ChangesHomeSearch

AWS whitepapers documentation change

Service: whitepapers · 2025-12-10 · Documentation low

File: whitepapers/latest/aws-caf-security-perspective/data-protection.md

Summary

Updated reference from 'AWS Security Hub' to 'AWS Security Hub CSPM' for security standards verification

Security assessment

Change only updates product naming without introducing new security concepts or addressing vulnerabilities. CSPM (Cloud Security Posture Management) is a feature refinement, not a response to a specific security incident.

Diff

diff --git a/whitepapers/latest/aws-caf-security-perspective/data-protection.md b/whitepapers/latest/aws-caf-security-perspective/data-protection.md
index 2f470ee12..7c1735750 100644
--- a//whitepapers/latest/aws-caf-security-perspective/data-protection.md
+++ b//whitepapers/latest/aws-caf-security-perspective/data-protection.md
@@ -96 +96 @@ To support the encryption components listed preceding, usage of key management s
-To confirm that the data protection controls are working as expected, it is important to set up detective controls, and then responsive controls as your maturity in cloud increases. Use automated tools to validate and enforce data at rest controls continuously. For example, verify that there are only encrypted storage resources. You can automate validation that all EBS volumes are encrypted using [ _AWS Config Rules_](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config.html). [_AWS Security Hub_](https://aws.amazon.com/security-hub/) can also verify a number of different controls through automated checks against security standards. Additionally, your AWS Config Rules can automatically [ _remediate noncompliant resources_](https://docs.aws.amazon.com/config/latest/developerguide/remediation.html#setup-autoremediation). 
+To confirm that the data protection controls are working as expected, it is important to set up detective controls, and then responsive controls as your maturity in cloud increases. Use automated tools to validate and enforce data at rest controls continuously. For example, verify that there are only encrypted storage resources. You can automate validation that all EBS volumes are encrypted using [ _AWS Config Rules_](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config.html). [_AWS Security Hub CSPM_](https://aws.amazon.com/security-hub/) can also verify a number of different controls through automated checks against security standards. Additionally, your AWS Config Rules can automatically [ _remediate noncompliant resources_](https://docs.aws.amazon.com/config/latest/developerguide/remediation.html#setup-autoremediation).