AWS security-ir documentation change
Summary
Minor editorial changes including word removal ('any'), hyphen correction ('AWS-supported' to 'AWS supported'), and contraction ('does not' to 'doesn't').
Security assessment
Changes are grammatical improvements without altering security content. The containment section still describes the same security capabilities without adding new information.
Diff
diff --git a/security-ir/latest/userguide/setup-monitoring-and-investigation-workflows.md b/security-ir/latest/userguide/setup-monitoring-and-investigation-workflows.md index 9878a94a0..30b0f7f47 100644 --- a//security-ir/latest/userguide/setup-monitoring-and-investigation-workflows.md +++ b//security-ir/latest/userguide/setup-monitoring-and-investigation-workflows.md @@ -9 +9 @@ Proactive response and alert triaging workflow is an optional feature to enable -If you experience any onboarding issues, then please [ create an AWS Support case](https://docs.aws.amazon.com/awssupport/latest/user/case-management.html#creating-a-support-case) for additional assistance. Make sure to include details including the AWS account ID and any errors you may have seen during the setup process. +If you experience onboarding issues, then [ create an AWS Support case](https://docs.aws.amazon.com/awssupport/latest/user/case-management.html#creating-a-support-case) for additional assistance. Make sure to include details including the AWS account ID and any errors you may have seen during the setup process. @@ -15 +15 @@ If you experience any onboarding issues, then please [ create an AWS Support cas -If you have questions about Amazon GuardDuty suppression rules, alert triaging configurations, or proactive response workflows, you can create an AWS-supported case with the case type **Investigations and Inquiries** to consult with the AWS Security Incident Response team. For more information, see [Create an AWS supported case](./create-an-aws-supported-case.html). +If you have questions about Amazon GuardDuty suppression rules, alert triaging configurations, or proactive response workflows, you can create an AWS supported case with the case type **Investigations and Inquiries** to consult with the AWS Security Incident Response team. For more information, see [Create an AWS supported case](./create-an-aws-supported-case.html). @@ -21 +21 @@ _The service cannot create the service-linked role in the management account. Yo -**Containment:** In the event of a security incident, AWS Security Incident Response can execute containment actions to quickly mitigate the impact, such as isolating compromised hosts or rotating credentials. Security Incident Response does not enable containment capabilities by default. To execute these containment actions, you must first grant the necessary permissions to the service. This can be done by deploying an [AWS CloudFormation StackSet](https://docs.aws.amazon.com/security-ir/latest/userguide/working-with-stacksets.html), which creates the required roles. +**Containment:** In the event of a security incident, AWS Security Incident Response can execute containment actions to quickly mitigate the impact, such as isolating compromised hosts or rotating credentials. Security Incident Response doesn't enable containment capabilities by default. To execute these containment actions, you must first grant the necessary permissions to the service. This can be done by deploying an [AWS CloudFormation StackSet](https://docs.aws.amazon.com/security-ir/latest/userguide/working-with-stacksets.html), which creates the required roles.