AWS guardduty documentation change
Summary
Added mappings for new 'Runtime/SensitiveFileModified' finding types to AWS Security Hub
Security assessment
This update integrates new file-monitoring security findings with Security Hub, improving centralized security visibility. While it documents security features, there's no evidence of a specific vulnerability being addressed.
Diff
diff --git a/guardduty/latest/ug/securityhub-integration.md b/guardduty/latest/ug/securityhub-integration.md index 480144f1b..d461adccd 100644 --- a//guardduty/latest/ug/securityhub-integration.md +++ b//guardduty/latest/ug/securityhub-integration.md @@ -153,0 +154 @@ GuardDuty finding type | ASFF finding type +[DefenseEvasion:Runtime/SensitiveFileModified](https://docs.aws.amazon.com/guardduty/latest/ug/findings-runtime-monitoring.html#defense-evasion-runtime-sensitive-file-modified) | TTPs/Defense Evasion/DefenseEvasion:Runtime-SensitiveFileModified @@ -242,0 +244 @@ GuardDuty finding type | ASFF finding type +[Persistence:Runtime/SensitiveFileModified](https://docs.aws.amazon.com/guardduty/latest/ug/findings-runtime-monitoring.html#persistence-runtime-sensitive-file-modified) | TTPs/Persistence/Persistence:Runtime-SensitiveFileModified @@ -263,0 +266 @@ GuardDuty finding type | ASFF finding type +[PrivilegeEscalation:Runtime/SensitiveFileModified](https://docs.aws.amazon.com/guardduty/latest/ug/findings-runtime-monitoring.html#privilege-escalation-runtime-sensitive-file-modified) | TTPs/Privilege Escalation/PrivilegeEscalation:Runtime-SensitiveFileModified