AWS Security ChangesHomeSearch

AWS whitepapers documentation change

Service: whitepapers · 2025-12-10 · Documentation low

File: whitepapers/latest/classic-intrusion-analysis-frameworks-for-aws-environments/control-name-descriptions.md

Summary

Updated all references of 'AWS Security Hub' to 'AWS Security Hub CSPM' including section headers, partner references, and solution implementations. Added CSPM (Cloud Security Posture Management) branding throughout the document.

Security assessment

The changes rebrand AWS Security Hub to emphasize its Cloud Security Posture Management (CSPM) capabilities. This enhances documentation about security posture management features but shows no evidence of addressing a specific vulnerability or security incident. The modifications focus on clarifying existing security functionality rather than patching weaknesses.

Diff

diff --git a/whitepapers/latest/classic-intrusion-analysis-frameworks-for-aws-environments/control-name-descriptions.md b/whitepapers/latest/classic-intrusion-analysis-frameworks-for-aws-environments/control-name-descriptions.md
index 7d8175482..6efa0f361 100644
--- a//whitepapers/latest/classic-intrusion-analysis-frameworks-for-aws-environments/control-name-descriptions.md
+++ b//whitepapers/latest/classic-intrusion-analysis-frameworks-for-aws-environments/control-name-descriptions.md
@@ -5 +5 @@
-Amazon GuardDutyAmazon GuardDuty PartnersAmazon DetectiveBottlerocketAWS WAF, WAF Managed Rules + AutomationAmazon CloudWatch, CloudWatch Logs, CloudTrail + Insights, Reporting & Third PartiesAmazon CloudWatch Logs + Amazon Lookout for MetricsAmazon CloudWatch Logs + Amazon Lookout for Metrics + LambdaAWS Security HubAWS Security Hub Automated Response and RemediationAWS Security Hub PartnersAmazon Virtual Private Cloud (Amazon VPC)AWS PrivateLinkAmazon EC2 Security GroupsNetwork Access Control ListsAWS Identity and Access Management + AWS OrganizationsAWS Certificate Manager + Transport Layer SecurityNetwork Infrastructure Solutions in the AWS MarketplaceAmazon Virtual Private Cloud VPN Gateway + AWS Direct ConnectAmazon GuardDuty + AWS LambdaHoneypot and Honeynet EnvironmentsHoneywords and HoneykeysAWS WAF + AWS LambdaAmazon CloudWatch Events & Alarms + Amazon SNS + SIEM SolutionsNetwork Infrastructure Solutions in AWS MarketplaceAmazon CognitoReverse Proxy ArchitectureAmazon Virtual Private Cloud + AutomationAWS ShieldAmazon VPC Flow Logs + Amazon CloudWatch Alarms AWS Identity and Access Management (IAM) + IAM Policies and Policies BoundariesAWS Identity and Access Management (IAM) RolesAWS Organizations + Service Control Policies (SCPs) + AWS AccountsAmazon Simple Storage Service (Amazon S3) Bucket Policies, Object PoliciesAmazon EC2 – Linux, SELinux – Mandatory Access ControlAmazon EC2 – FreeBSD, Trusted BSD – Mandatory Access ControlAmazon EC2 – Linux, FreeBSD – Hardening and MinimizationAmazon EC2 – Linux – Role-Based Access Control (RBAC) and Discretionary Access Control (DAC)Amazon EC2 – Windows – Device GuardMicrosoft Windows Security BaselinesAWS Physical & Operational Security Policies & ProcessesImmutable Infrastructure – Short-Lived EnvironmentsLoad BalancingAWS Lambda, Amazon Simple Queue Service (Amazon SQS), AWS Step FunctionsAWS WAFAWS container and abstract servicesLinux cgroups, namespaces, SELinuxHypervisor-Level Guest-to-Guest and Guest-to-Host SeparationAWS Systems Manager State ManagerAWS Partner Network (APN) Offerings – File Integrity MonitoringThird-Party WAF IntegrationsAWS ConfigAWS Config rulesAmazon CloudWatch Events + Lambda AWS Managed ServicesCloudFormation + Service CatalogAWS Systems Manager State Manager, or Third-Party or OSS File Integrity Monitoring Solutions on Amazon EC2Third-Party Security Tools for ContainersThird-Party Security Tools for AWS Lambda FunctionsAWS Partner Offerings – Behavioral Monitoring, Response Tools and Services AWS Partner Offerings – Anti-Malware ProtectionAWS Lambda PartnersAWS Container Partners – SecurityAWS IoT Device Defender + AWS IoT SiteWiseAWS Secrets ManagerAmazon EC2 – Linux, Windows, FreeBSD – Address Space Layout Randomization (ASLR)Amazon EC2 – Linux, Windows, FreeBSD – Data Execution Prevention (DEP)Amazon EC2 – Windows – User Account Control (UAC)Amazon Simple Email Service Spam and Virus ProtectionAWS Auto ScalingAWS Systems Manager State Manager, AWS Systems Manager Inventory, AWS ConfigAmazon EC2 Forward Proxy ServersOutbound Proxy PartnersAmazon GuardDuty + AWS Lambda + AWS WAF, Security Groups, NACLsAWS DR OptionsAWS Partners Offerings – SQL Behavioral Analytics ProxiesAWS Nitro EnclavesAWS Key Management Service (AWS KMS) + AWS CloudHSMAWS KMS Key PoliciesAWS Network Firewall
+Amazon GuardDutyAmazon GuardDuty PartnersAmazon DetectiveBottlerocketAWS WAF, WAF Managed Rules + AutomationAmazon CloudWatch, CloudWatch Logs, CloudTrail + Insights, Reporting & Third PartiesAmazon CloudWatch Logs + Amazon Lookout for MetricsAmazon CloudWatch Logs + Amazon Lookout for Metrics + LambdaAWS Security Hub CSPMAWS Security Hub CSPM Automated Response and RemediationAWS Security Hub CSPM PartnersAmazon Virtual Private Cloud (Amazon VPC)AWS PrivateLinkAmazon EC2 Security GroupsNetwork Access Control ListsAWS Identity and Access Management + AWS OrganizationsAWS Certificate Manager + Transport Layer SecurityNetwork Infrastructure Solutions in the AWS MarketplaceAmazon Virtual Private Cloud VPN Gateway + AWS Direct ConnectAmazon GuardDuty + AWS LambdaHoneypot and Honeynet EnvironmentsHoneywords and HoneykeysAWS WAF + AWS LambdaAmazon CloudWatch Events & Alarms + Amazon SNS + SIEM SolutionsNetwork Infrastructure Solutions in AWS MarketplaceAmazon CognitoReverse Proxy ArchitectureAmazon Virtual Private Cloud + AutomationAWS ShieldAmazon VPC Flow Logs + Amazon CloudWatch Alarms AWS Identity and Access Management (IAM) + IAM Policies and Policies BoundariesAWS Identity and Access Management (IAM) RolesAWS Organizations + Service Control Policies (SCPs) + AWS AccountsAmazon Simple Storage Service (Amazon S3) Bucket Policies, Object PoliciesAmazon EC2 – Linux, SELinux – Mandatory Access ControlAmazon EC2 – FreeBSD, Trusted BSD – Mandatory Access ControlAmazon EC2 – Linux, FreeBSD – Hardening and MinimizationAmazon EC2 – Linux – Role-Based Access Control (RBAC) and Discretionary Access Control (DAC)Amazon EC2 – Windows – Device GuardMicrosoft Windows Security BaselinesAWS Physical & Operational Security Policies & ProcessesImmutable Infrastructure – Short-Lived EnvironmentsLoad BalancingAWS Lambda, Amazon Simple Queue Service (Amazon SQS), AWS Step FunctionsAWS WAFAWS container and abstract servicesLinux cgroups, namespaces, SELinuxHypervisor-Level Guest-to-Guest and Guest-to-Host SeparationAWS Systems Manager State ManagerAWS Partner Network (APN) Offerings – File Integrity MonitoringThird-Party WAF IntegrationsAWS ConfigAWS Config rulesAmazon CloudWatch Events + Lambda AWS Managed ServicesCloudFormation + Service CatalogAWS Systems Manager State Manager, or Third-Party or OSS File Integrity Monitoring Solutions on Amazon EC2Third-Party Security Tools for ContainersThird-Party Security Tools for AWS Lambda FunctionsAWS Partner Offerings – Behavioral Monitoring, Response Tools and Services AWS Partner Offerings – Anti-Malware ProtectionAWS Lambda PartnersAWS Container Partners – SecurityAWS IoT Device Defender + AWS IoT SiteWiseAWS Secrets ManagerAmazon EC2 – Linux, Windows, FreeBSD – Address Space Layout Randomization (ASLR)Amazon EC2 – Linux, Windows, FreeBSD – Data Execution Prevention (DEP)Amazon EC2 – Windows – User Account Control (UAC)Amazon Simple Email Service Spam and Virus ProtectionAWS Auto ScalingAWS Systems Manager State Manager, AWS Systems Manager Inventory, AWS ConfigAmazon EC2 Forward Proxy ServersOutbound Proxy PartnersAmazon GuardDuty + AWS Lambda + AWS WAF, Security Groups, NACLsAWS DR OptionsAWS Partners Offerings – SQL Behavioral Analytics ProxiesAWS Nitro EnclavesAWS Key Management Service (AWS KMS) + AWS CloudHSMAWS KMS Key PoliciesAWS Network Firewall
@@ -29 +29 @@ Amazon GuardDuty detects reconnaissance activity, such as unusual API activity,
-AWS security services like Amazon GuardDuty, Amazon Macie, and AWS Security Hub as well as partner security products can be used to identify potential security issues, or findings. These services are really helpful in alerting you when something is wrong and pointing out where to go to fix it. But sometimes there might be a security finding where you need to dig a lot deeper and analyze more information to isolate the root cause and take action. Determining the root cause of security findings can be a complex process that often involves collecting and combining logs from many separate data sources, using extract, transform, and load (ETL) tools or custom scripting to organize the data, and then security analysts having to analyze the data and conduct lengthy investigations. 
+AWS security services like Amazon GuardDuty, Amazon Macie, and AWS Security Hub CSPM as well as partner security products can be used to identify potential security issues, or findings. These services are really helpful in alerting you when something is wrong and pointing out where to go to fix it. But sometimes there might be a security finding where you need to dig a lot deeper and analyze more information to isolate the root cause and take action. Determining the root cause of security findings can be a complex process that often involves collecting and combining logs from many separate data sources, using extract, transform, and load (ETL) tools or custom scripting to organize the data, and then security analysts having to analyze the data and conduct lengthy investigations. 
@@ -79 +79 @@ After Amazon Lookout for Metrics creates an anomaly detection model, or detector
-## AWS Security Hub
+## AWS Security Hub CSPM
@@ -81 +81 @@ After Amazon Lookout for Metrics creates an anomaly detection model, or detector
-[AWS Security Hub](https://aws.amazon.com/security-hub) gives you a comprehensive view of your high-priority security alerts and compliance status across AWS accounts. With Security Hub, you now have a single place that aggregates, organizes, and prioritizes your security alerts, or findings, from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, and Amazon Macie, as well as from AWS Partner offerings. 
+[AWS Security Hub CSPM](https://aws.amazon.com/security-hub) gives you a comprehensive view of your high-priority security alerts and compliance status across AWS accounts. With Security Hub CSPM, you now have a single place that aggregates, organizes, and prioritizes your security alerts, or findings, from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, and Amazon Macie, as well as from AWS Partner offerings. 
@@ -83 +83 @@ After Amazon Lookout for Metrics creates an anomaly detection model, or detector
-A [Security Hub _insight_](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-insights.html) is a collection of related findings defined by an aggregation statement and optional filters. An insight identifies a security area that requires attention and intervention. Security Hub offers several managed (default) insights that you cannot modify or delete. You can also create custom insights to track security issues that are unique to your AWS environment and usage. 
+A [Security Hub CSPM _insight_](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-insights.html) is a collection of related findings defined by an aggregation statement and optional filters. An insight identifies a security area that requires attention and intervention. Security Hub CSPM offers several managed (default) insights that you cannot modify or delete. You can also create custom insights to track security issues that are unique to your AWS environment and usage. 
@@ -85 +85 @@ A [Security Hub _insight_](https://docs.aws.amazon.com/securityhub/latest/usergu
-## AWS Security Hub Automated Response and Remediation
+## AWS Security Hub CSPM Automated Response and Remediation
@@ -87 +87 @@ A [Security Hub _insight_](https://docs.aws.amazon.com/securityhub/latest/usergu
-The AWS Solutions Implementation [AWS Security Hub Automated Response and Remediation](https://aws.amazon.com/solutions/implementations/aws-security-hub-automated-response-and-remediation/) addresses this challenge by providing predefined response and remediation actions based on industry compliance standards and best practices. 
+The AWS Solutions Implementation [AWS Security Hub CSPM Automated Response and Remediation](https://aws.amazon.com/solutions/implementations/aws-security-hub-automated-response-and-remediation/) addresses this challenge by providing predefined response and remediation actions based on industry compliance standards and best practices. 
@@ -89 +89 @@ The AWS Solutions Implementation [AWS Security Hub Automated Response and Remedi
-AWS Security Hub Automated Response and Remediation is an add-on solution that works with [AWS Security Hub](https://aws.amazon.com/security-hub/) to provide a ready-to-deploy architecture and a library of automated playbooks. The solution makes it easier for AWS Security Hub customers to resolve common security findings and to improve their security posture in AWS. 
+AWS Security Hub CSPM Automated Response and Remediation is an add-on solution that works with [AWS Security Hub CSPM](https://aws.amazon.com/security-hub/) to provide a ready-to-deploy architecture and a library of automated playbooks. The solution makes it easier for AWS Security Hub CSPM customers to resolve common security findings and to improve their security posture in AWS. 
@@ -91 +91 @@ AWS Security Hub Automated Response and Remediation is an add-on solution that w
-## AWS Security Hub Partners
+## AWS Security Hub CSPM Partners
@@ -93 +93 @@ AWS Security Hub Automated Response and Remediation is an add-on solution that w
-[AWS Security Hub APN Partner](https://aws.amazon.com/security-hub/partners/) products are a complement to Amazon GuardDuty. 
+[AWS Security Hub CSPM APN Partner](https://aws.amazon.com/security-hub/partners/) products are a complement to Amazon GuardDuty.