AWS guardduty documentation change
Summary
Added documentation for new fields in GuardDuty findings: File Operation, File Path, and Related File Paths
Security assessment
This change documents new fields related to detecting sensitive file modifications, enhancing security monitoring capabilities. It describes detection of suspicious operations (write/delete/rename) on sensitive files but doesn't indicate a specific vulnerability being fixed.
Diff
diff --git a/guardduty/latest/ug/guardduty_findings-summary.md b/guardduty/latest/ug/guardduty_findings-summary.md index 004d3cc71..bcf72f8c1 100644 --- a//guardduty/latest/ug/guardduty_findings-summary.md +++ b//guardduty/latest/ug/guardduty_findings-summary.md @@ -623,0 +624,6 @@ From the following fields, a generated finding may include only those fields tha + * **File Operation** – The type of file operation that triggered the finding, such as Write, Delete, Rename, Link, or Symlink. + + * **File Path** – The path of the sensitive file that was modified. Modification includes write, delete, rename, link, or symlink operations. + + * **Related File Paths** – All file paths modified by the same process that triggered the finding, up to a maximum of 25 paths. +