AWS AWSCloudFormation documentation change
Summary
Expanded threat entity scope from IPs/domains to generic threat entities
Security assessment
Broadens documentation of security feature (custom threat detection) to cover additional threat types, enhancing threat visibility. No evidence of addressing specific vulnerabilities.
Diff
diff --git a/AWSCloudFormation/latest/TemplateReference/aws-resource-guardduty-threatentityset.md b/AWSCloudFormation/latest/TemplateReference/aws-resource-guardduty-threatentityset.md index bd4311b0f..096f47c6f 100644 --- a//AWSCloudFormation/latest/TemplateReference/aws-resource-guardduty-threatentityset.md +++ b//AWSCloudFormation/latest/TemplateReference/aws-resource-guardduty-threatentityset.md @@ -11 +11 @@ This is the new _CloudFormation Template Reference Guide_. Please update your bo -The `AWS::GuardDuty::ThreatEntitySet` resource helps you create a list of known malicious IP addresses and domain names in your AWS environment. Once you activate this list, GuardDuty will use the entries in this list as an additional source of threat detection and generate findings when there is an activity associated with these known malicious IP addresses and domain names. GuardDuty continues to monitor independently of this custom threat entity set. +The `AWS::GuardDuty::ThreatEntitySet` resource helps you create a list of known malicious threat entities in your AWS environment. Once you activate this list, GuardDuty will use the entries in this list as an additional source of threat detection and generate findings when there is an activity associated with these known malicious threat entities. GuardDuty continues to monitor independently of this custom threat entity set.