AWS Security ChangesHomeSearch

AWS securityagent documentation change

Service: securityagent · 2026-05-01 · Documentation low

File: securityagent/latest/userguide/manage-target-domains.md

Summary

Updated documentation for Private VPC domain verification, clarifying that the penetration test target endpoint domain name must match the full domain name configured for verification.

Security assessment

This change clarifies requirements for private VPC penetration testing domain verification. It improves documentation accuracy but does not address a specific security vulnerability.

Diff

diff --git a/securityagent/latest/userguide/manage-target-domains.md b/securityagent/latest/userguide/manage-target-domains.md
index a43ed6e46..6a68256f3 100644
--- a//securityagent/latest/userguide/manage-target-domains.md
+++ b//securityagent/latest/userguide/manage-target-domains.md
@@ -51 +51 @@ In order for a target domain to be used in a penetration test, it must first be
-  * **Private VPC domain** : Verify the target domain IP falls within a private CIDR range (see [Connect agent to private VPC resources](./connect-agent-vpc.html) for a list of private CIDR ranges). Click **Verify** and confirm that the target domain status becomes **Unreachable**. This domain can now be used for penetration testing with a configured VPC
+  * **Private VPC** : Verifies the target domain’s IP falls within a private CIDR range (see [Connect agent to private VPC resources](./connect-agent-vpc.html) for a list of private CIDR ranges). The penetration test target endpoint domain name must match the full domain name configured for verification. Only usable for private VPC penetration testing