AWS securityagent documentation change
Summary
Expanded code review capabilities documentation including GitHub/S3 integration, scan settings, and automated remediation features
Security assessment
The changes document security-focused features like static analysis for vulnerabilities, custom requirements validation, and automated remediation. However, there's no evidence of addressing a specific security vulnerability or incident.
Diff
diff --git a/securityagent/latest/userguide/how-it-works.md b/securityagent/latest/userguide/how-it-works.md index 5eecf2deb..1c05df0cd 100644 --- a//securityagent/latest/userguide/how-it-works.md +++ b//securityagent/latest/userguide/how-it-works.md @@ -49 +49,14 @@ Administrators configure AWS Security Agent through the AWS Management Console. -**Integrations** \- Connect GitHub repositories to each Agent Space to enable three key capabilities: +**Code review configuration** \- Configure code review capabilities for each Agent Space by: + + * Connecting GitHub repositories or S3 buckets containing source code + + * Selecting code review settings (security vulnerabilities, custom requirements, or both) + + * Enabling pull request comments for automated review of code changes in GitHub + + * Setting up CloudWatch logging for code review runs + + + + +**Integrations** \- Connect GitHub repositories to each Agent Space to enable key capabilities: @@ -53 +66 @@ Administrators configure AWS Security Agent through the AWS Management Console. - * Enable automated code review on pull requests + * Enable code review for full repository scans and pull request analysis @@ -55 +68 @@ Administrators configure AWS Security Agent through the AWS Management Console. - * Enable penetration test finding remediation through automated pull requests + * Enable automated code remediation through pull requests for code review and penetration test findings @@ -69,0 +83,2 @@ Users access the Security Agent Web Application to conduct security assessments +**Code reviews** \- Create and run code reviews that perform comprehensive static analysis across your full source code. Select GitHub repositories or S3 sources, configure scan settings, and review detailed security findings with remediation guidance. AWS Security Agent identifies security vulnerabilities and validates compliance with your organization’s custom security requirements across your entire codebase. + @@ -72 +87 @@ Users access the Security Agent Web Application to conduct security assessments -**Review findings** \- Examine detailed security findings from design reviews and penetration tests, including impact analysis, reproducible attack paths, and remediation guidance. +**Review findings** \- Examine detailed security findings from design reviews, code reviews, and penetration tests, including impact analysis, reproducible attack paths, and remediation guidance. @@ -80 +95,3 @@ AWS Security Agent integrates directly with GitHub to provide automated security -**Automated code review** \- After administrators install the AWS Security Agent GitHub App and enable code review for an Agent Space in the Console, AWS Security Agent automatically analyzes pull requests in connected repositories. Developers receive security findings and remediation guidance directly in pull request comments, validating code changes against organizational security requirements and common vulnerabilities. +**Pull request comments** \- After administrators install the AWS Security Agent GitHub App and enable code review with Code review comments for an Agent Space, AWS Security Agent automatically analyzes pull requests in connected repositories. Developers receive security findings and remediation guidance directly in pull request comments, validating code changes against organizational security requirements and common vulnerabilities. + +**Automatic remediation** \- When users enable automatic code remediation for a code review, AWS Security Agent generates fixes for identified vulnerabilities and submits pull requests to the associated GitHub repositories.