AWS security-ir documentation change
Summary
Added document history entry clarifying proactive response requirements for GuardDuty/third-party findings.
Security assessment
Documents expanded security monitoring capabilities (third-party integrations) but doesn't address a specific vulnerability. Clarifies existing security operations.
Diff
diff --git a/security-ir/latest/userguide/document-history-for-the-aws-security-incident-response-user-guide.md b/security-ir/latest/userguide/document-history-for-the-aws-security-incident-response-user-guide.md index 79a84be78..34bb44aba 100644 --- a//security-ir/latest/userguide/document-history-for-the-aws-security-incident-response-user-guide.md +++ b//security-ir/latest/userguide/document-history-for-the-aws-security-incident-response-user-guide.md @@ -12,0 +13 @@ Change| Description| Date +[Clarified proactive response requirements for Amazon GuardDuty and third-party findings](https://docs.aws.amazon.com/security-ir/latest/userguide/setup-monitoring-and-investigation-workflows.html)| Clarified that Amazon GuardDuty is not required to use proactive response. AWS Security Incident Response can also monitor and investigate threat alerts from third-party threat detection tools using Security Hub CSPM integrations. Updated the section to accurately describe detection service requirements and the value of configuring findings ingestion.| May 5, 2026