AWS Security ChangesHomeSearch

AWS securityhub documentation change

Service: securityhub · 2026-04-16 · Documentation low

File: securityhub/latest/userguide/securityhub-standards-schedule.md

Summary

Added markdown link and changed Security Hub CSPM check frequency from 'every 18 hours' to 'at least once every 24 hours'

Security assessment

The change updates the frequency of Security Hub CSPM checks from 18 hours to at least once every 24 hours. This is an operational change that may affect how quickly findings are generated, but there is no evidence of a security vulnerability being addressed. It appears to be a documentation correction or service update.

Diff

diff --git a/securityhub/latest/userguide/securityhub-standards-schedule.md b/securityhub/latest/userguide/securityhub-standards-schedule.md
index 27ebc288c..13784201d 100644
--- a//securityhub/latest/userguide/securityhub-standards-schedule.md
+++ b//securityhub/latest/userguide/securityhub-standards-schedule.md
@@ -0,0 +1,2 @@
+[View a markdown version of this page](securityhub-standards-schedule.md)
+
@@ -25 +27 @@ Checks that use Security Hub CSPM custom Lambda functions are periodic.
-Change-triggered security checks run when the associated resource changes state. AWS Config lets you choose between _continuous recording_ of changes in resource state and _daily recording_. If you choose daily recording, AWS Config delivers resource configuration data at the end of each 24 hour period if there are changes in resource state. If there are no changes, no data is delivered. This may delay the generation of Security Hub CSPM findings until a 24-hour period is complete. Regardless of your chosen recording period, Security Hub CSPM checks every 18 hours to ensure no resource updates from AWS Config were missed.
+Change-triggered security checks run when the associated resource changes state. AWS Config lets you choose between _continuous recording_ of changes in resource state and _daily recording_. If you choose daily recording, AWS Config delivers resource configuration data at the end of each 24 hour period if there are changes in resource state. If there are no changes, no data is delivered. This may delay the generation of Security Hub CSPM findings until a 24-hour period is complete. Regardless of your chosen recording period, Security Hub CSPM checks at least once every 24 hours to ensure no resource updates from AWS Config were missed.