AWS security-ir documentation change
Summary
Replaced all references to 'AWS SIRT' with 'Security Incident Response Engineering' in case management documentation
Security assessment
Organizational naming standardization. No changes to security protocols, response SLOs, or incident handling procedures.
Diff
diff --git a/security-ir/latest/userguide/understand-case-types.md b/security-ir/latest/userguide/understand-case-types.md index 794116494..fc115cfdd 100644 --- a//security-ir/latest/userguide/understand-case-types.md +++ b//security-ir/latest/userguide/understand-case-types.md @@ -11 +11 @@ Proactive casesReactive casesWatchers -AWS Security Incident Response provides two types of cases to manage security events: proactive cases that are automatically created when threats are detected, and reactive cases that you create when you need assistance from AWS SIRT. You can also grant case visibility to external parties such as partners, legal teams, or subject matter experts. +AWS Security Incident Response provides two types of cases to manage security events: proactive cases that are automatically created when threats are detected, and reactive cases that you create when you need assistance from Security Incident Response Engineering. You can also grant case visibility to external parties such as partners, legal teams, or subject matter experts. @@ -26 +26 @@ AWS Security Incident Response provides two types of cases to manage security ev -The auto-triage feature continuously reviews high-volume alerts to filter out noise and focus on critical, high-impact threats. When a potential threat is detected, the system escalates the finding to an AWS SIRT responder for investigation. If the finding is confirmed as a genuine threat, a proactive case is created in the case management portal and all configured stakeholders are notified automatically. +The auto-triage feature continuously reviews high-volume alerts to filter out noise and focus on critical, high-impact threats. When a potential threat is detected, the system escalates the finding to an Security Incident Response Engineering responder for investigation. If the finding is confirmed as a genuine threat, a proactive case is created in the case management portal and all configured stakeholders are notified automatically. @@ -32 +32 @@ No manual configuration is required for proactive cases beyond enabling GuardDut -AWS Security Incident Response provides a subscription-based case management portal where your organization works directly with AWS SIRT. AWS SIRT assists with security investigations and active incidents with a **15-minute service level objective (SLO)**. There is no limit on the number of reactive cases you can open. +AWS Security Incident Response provides a subscription-based case management portal where your organization works directly with Security Incident Response Engineering. Security Incident Response Engineering assists with security investigations and active incidents with a **15-minute service level objective (SLO)**. There is no limit on the number of reactive cases you can open. @@ -42 +42 @@ AWS Security Incident Response provides a subscription-based case management por - * **AWS-supported** : Escalated directly to AWS SIRT for investigation and guidance (15-minute SLO). + * **AWS-supported** : Escalated directly to Security Incident Response Engineering for investigation and guidance (15-minute SLO). @@ -51 +51 @@ AWS Security Incident Response provides a subscription-based case management por -Both case types use the same data fields. You can escalate a self-managed case to AWS SIRT at any time by choosing **Get help from AWS** in the upper-right corner of the case. +Both case types use the same data fields. You can escalate a self-managed case to Security Incident Response Engineering at any time by choosing **Get help from AWS** in the upper-right corner of the case.