AWS Security ChangesHomeSearch

AWS security-ir documentation change

Service: security-ir · 2026-02-25 · Documentation low

File: security-ir/latest/userguide/understanding-automatic-archiving.md

Summary

Formatting normalization: section headers changed to sentence case, bullet point consistency fixes, and minor verb tense adjustment.

Security assessment

Purely editorial changes to heading capitalization and bullet point formatting. The core security functionality of automatic archiving for benign findings remains unchanged with no new security implications.

Diff

diff --git a/security-ir/latest/userguide/understanding-automatic-archiving.md b/security-ir/latest/userguide/understanding-automatic-archiving.md
index 25367c15d..9aba4eeae 100644
--- a//security-ir/latest/userguide/understanding-automatic-archiving.md
+++ b//security-ir/latest/userguide/understanding-automatic-archiving.md
@@ -9 +9 @@ When you enable proactive response and alert triaging, AWS Security Incident Res
-**Automatic Archiving Behavior:**
+**Automatic archiving behavior:**
@@ -11 +11 @@ When you enable proactive response and alert triaging, AWS Security Incident Res
-  * **Benign Findings:** When the auto-triage process determines that a finding is benign (not a true security threat), AWS Security Incident Response automatically archives the finding in Amazon GuardDuty and creates suppression rules to prevent similar findings from generating alerts in the future.
+  * **Benign findings:** When the auto-triage process determines that a finding is benign (not a true security threat), AWS Security Incident Response automatically archives the finding in Amazon GuardDuty and creates suppression rules to prevent similar findings from generating alerts in the future.
@@ -13 +13 @@ When you enable proactive response and alert triaging, AWS Security Incident Res
-  * **Suppression Rules:** The service creates suppression and auto-archive rules in both Amazon GuardDuty and Security Hub CSPM for findings that match your environment's known-good patterns, such as expected IP addresses, IAM entities, and normal operational behaviors.
+  * **Suppression rules:** The service creates suppression and auto-archive rules in both Amazon GuardDuty and Security Hub CSPM for findings that match your environment's known-good patterns, such as expected IP addresses, IAM entities, and normal operational behaviors.
@@ -15 +15 @@ When you enable proactive response and alert triaging, AWS Security Incident Res
-  * **Reduced Alert Volume:** Organizations using SIEM technology will see significantly reduced Amazon GuardDuty finding volumes over time as the service learns your environment and automatically archives benign findings. This improves efficiency for both the AWS Security Incident Response service and your SIEM.
+  * **Reduced alert volume:** Organizations using SIEM technology see significantly reduced Amazon GuardDuty finding volumes over time as the service learns your environment and automatically archives benign findings. This improves efficiency for both the AWS Security Incident Response service and your SIEM.
@@ -20 +20 @@ When you enable proactive response and alert triaging, AWS Security Incident Res
-**Viewing Archived Findings:**
+**Viewing archived findings:**
@@ -35 +35 @@ You can review automatically archived findings and the suppression rules created
-**Important Considerations:**
+**Important considerations:**