AWS Security ChangesHomeSearch

AWS security-ir documentation change

Service: security-ir · 2026-05-07 · Documentation low

File: security-ir/latest/userguide/document-history-for-the-aws-security-incident-response-user-guide.md

Summary

Added document history entry clarifying proactive response requirements for GuardDuty/third-party findings.

Security assessment

Documents expanded security monitoring capabilities (third-party integrations) but doesn't address a specific vulnerability. Clarifies existing security operations.

Diff

diff --git a/security-ir/latest/userguide/document-history-for-the-aws-security-incident-response-user-guide.md b/security-ir/latest/userguide/document-history-for-the-aws-security-incident-response-user-guide.md
index 79a84be78..34bb44aba 100644
--- a//security-ir/latest/userguide/document-history-for-the-aws-security-incident-response-user-guide.md
+++ b//security-ir/latest/userguide/document-history-for-the-aws-security-incident-response-user-guide.md
@@ -12,0 +13 @@ Change| Description| Date
+[Clarified proactive response requirements for Amazon GuardDuty and third-party findings](https://docs.aws.amazon.com/security-ir/latest/userguide/setup-monitoring-and-investigation-workflows.html)| Clarified that Amazon GuardDuty is not required to use proactive response. AWS Security Incident Response can also monitor and investigate threat alerts from third-party threat detection tools using Security Hub CSPM integrations. Updated the section to accurately describe detection service requirements and the value of configuring findings ingestion.| May 5, 2026