AWS Security ChangesHomeSearch

AWS securityagent documentation change

Service: securityagent · 2026-06-19 · Documentation medium

File: securityagent/latest/userguide/review-code-scan-findings.md

Summary

Added 'Simulated validation' step to exploit vulnerabilities in runtime environments and expanded finding details with validation status indicators.

Security assessment

Documents new vulnerability validation capabilities during code scanning (security feature enhancement). The explicit status indicators ('Confirmed', 'Not reproduced', etc.) improve exploit verification documentation but show no evidence of patching vulnerabilities.

Diff

diff --git a/securityagent/latest/userguide/review-code-scan-findings.md b/securityagent/latest/userguide/review-code-scan-findings.md
index b46c55c12..e6215447f 100644
--- a//securityagent/latest/userguide/review-code-scan-findings.md
+++ b//securityagent/latest/userguide/review-code-scan-findings.md
@@ -50,0 +51,2 @@ Track the progress of your code review run using the step indicator at the top o
+     * **Simulated validation** (optional) – When enabled, provisions a simulated environment and attempts to exploit discovered vulnerabilities against the running application.
+
@@ -58 +60 @@ Track the progress of your code review run using the step indicator at the top o
-Each step displays a status indicator (Completed or In progress). The run is complete when all three phases show Completed.
+Each step displays a status indicator (Completed or In progress). The run is complete when all phases show Completed. The simulated validation step only appears when you enable simulated validation during code review creation.
@@ -161,0 +164,10 @@ Select individual findings to view comprehensive information about each vulnerab
+     * **Validation status** – When simulated validation is enabled, indicates whether the finding was confirmed exploitable in a running environment:
+
+       * **Confirmed** – The vulnerability was successfully exploited in the simulated environment
+
+       * **Not reproduced** – The vulnerability could not be exploited in the target runtime
+
+       * **Validation failed** – The validation attempt was inconclusive due to an error
+
+       * **Not validated** – Simulated validation was not performed for this finding. This occurs when validation is not enabled or the validation step timed out before reaching this finding.
+