AWS securityhub documentation change
Summary
Added four new BedrockAgentCore controls and SageMaker.18 to the controls reference table
Security assessment
Adds documentation for new security controls covering encryption, network configuration, and session recording. No evidence of addressing specific vulnerabilities; expands security feature documentation.
Diff
diff --git a/securityhub/latest/userguide/securityhub-controls-reference.md b/securityhub/latest/userguide/securityhub-controls-reference.md index 14793fdc3..129f41f51 100644 --- a//securityhub/latest/userguide/securityhub-controls-reference.md +++ b//securityhub/latest/userguide/securityhub-controls-reference.md @@ -82,0 +83,4 @@ Security control ID | Security control title | Applicable standards | Severity | +[BedrockAgentCore.3](./bedrockagentcore-controls.html#bedrockagentcore-3) | Bedrock AgentCore Memory should be encrypted with customer managed AWS KMS keys | NIST SP 800-53 Rev. 5 | MEDIUM | No | Change triggered +[BedrockAgentCore.4](./bedrockagentcore-controls.html#bedrockagentcore-4) | Bedrock AgentCore Gateway should be encrypted with customer managed AWS KMS keys | NIST SP 800-53 Rev. 5 | MEDIUM | No | Change triggered +[BedrockAgentCore.5](./bedrockagentcore-controls.html#bedrockagentcore-5) | Bedrock AgentCore custom browsers should not use public network mode | AWS Foundational Security Best Practices | HIGH | No | Change triggered +[BedrockAgentCore.6](./bedrockagentcore-controls.html#bedrockagentcore-6) | Bedrock AgentCore custom browsers should have session recording enabled | AWS Foundational Security Best Practices | MEDIUM | No | Change triggered @@ -571,0 +576 @@ Security control ID | Security control title | Applicable standards | Severity | +[SageMaker.18](./sagemaker-controls.html#sagemaker-18) | SageMaker feature group online stores with standard storage should be encrypted with AWS KMS keys | NIST SP 800-53 Rev. 5 | MEDIUM | No | Change triggered