AWS Security ChangesHomeSearch

AWS security-ir documentation change

Service: security-ir · 2026-02-25 · Documentation low

File: security-ir/latest/userguide/external-tooling.md

Summary

Changed headings to lowercase, added 'CSPM' specification to Security Hub findings reference, removed hyphen from 'AWS-supported', and improved sentence structure

Security assessment

The addition of 'CSPM' specifies the type of Security Hub findings involved, enhancing documentation about security integrations. No security vulnerability is addressed; changes improve clarity of security operations documentation.

Diff

diff --git a/security-ir/latest/userguide/external-tooling.md b/security-ir/latest/userguide/external-tooling.md
index 0e8f12a2f..048aeeacf 100644
--- a//security-ir/latest/userguide/external-tooling.md
+++ b//security-ir/latest/userguide/external-tooling.md
@@ -5 +5 @@
-# External Tooling Workflow
+# External tooling workflow
@@ -9 +9 @@ Security Incident Response integrates with external tools and partners in multip
-  * _SIEM integration:_ Security Incident Response engineers help analyze and investigate those findings in parallel with your team when you submit AWS-supported cases. We identify correlations across hybrid and multi-cloud environments, helping scope threat actor movements between providers.
+  * _SIEM integration:_ Security Incident Response engineers help analyze and investigate those findings in parallel with your team when you submit AWS supported cases. We identify correlations across hybrid and multi-cloud environments, helping scope threat actor movements between providers.
@@ -11 +11 @@ Security Incident Response integrates with external tools and partners in multip
-  * _Enhances your existing security operations:_ We replace traditional GuardDuty response workflows with a more efficient, parallel response model. Many organizations currently utilize SIEM technology for detection workflows through case management, this service provides a streamlined alternative specifically for GuardDuty (and select Security Hub) findings. The solution leverages sophisticated auto-triage technology with human oversight to create proactive cases in your portal, simultaneously alerting your response team and engaging our Security Incident Response engineers for coordinated remediation efforts.
+  * _Enhances your existing security operations:_ We replace traditional GuardDuty response workflows with a more efficient, parallel response model. Many organizations currently utilize SIEM technology for detection workflows through case management. This service provides a streamlined alternative specifically for GuardDuty (and select Security Hub CSPM) findings. The solution leverages sophisticated auto-triage technology with human oversight to create proactive cases in your portal, simultaneously alerting your response team and engaging our Security Incident Response engineers for coordinated remediation efforts.
@@ -24 +24 @@ To use the Amazon Web Services Documentation, Javascript must be enabled. Please
-Integrations and External Tooling Workflow
+Integrations and external tooling workflow
@@ -26 +26 @@ Integrations and External Tooling Workflow
-Appendix A: Points of Contact
+Appendix A: Points of contact