AWS securityagent documentation change
Summary
Added WAF troubleshooting tip: instruct users to allowlist traffic by 'securityagent' User-Agent header if agent is blocked.
Security assessment
Documents a security configuration (WAF allowlisting) but doesn't address a vulnerability. The change helps users properly configure security controls without evidence of patching an exploit.
Diff
diff --git a/securityagent/latest/userguide/troubleshooting.md b/securityagent/latest/userguide/troubleshooting.md index f89f2ba2f..e0782f8ff 100644 --- a//securityagent/latest/userguide/troubleshooting.md +++ b//securityagent/latest/userguide/troubleshooting.md @@ -75,0 +76,2 @@ If the penetration test agent is unable to make calls to the configured target U + * If you have a WAF configured, check that you WAF is not blocking penetration test traffic. You can allowlist penetration test traffic by `User-Agent` header, which will be set to `securityagent` by default +