AWS Security ChangesHomeSearch

AWS whitepapers documentation change

Service: whitepapers · 2026-06-19 · Documentation medium

File: whitepapers/latest/aws-security-incident-response-guide/containment.md

Summary

Removed detailed containment strategies including NIST criteria and AWS-specific containment categories

Security assessment

Elimination of technical containment guidance doesn't demonstrate resolution of a security vulnerability. The removed content was security documentation, but its deletion shows no evidence of patching a security flaw or incident response.

Diff

diff --git a/whitepapers/latest/aws-security-incident-response-guide/containment.md b/whitepapers/latest/aws-security-incident-response-guide/containment.md
index f6a61d9fd..8b1378917 100644
--- a//whitepapers/latest/aws-security-incident-response-guide/containment.md
+++ b//whitepapers/latest/aws-security-incident-response-guide/containment.md
@@ -1 +0,0 @@
-[View a markdown version of this page](containment.md)
@@ -3,57 +1,0 @@
-[](/pdfs/security-ir/latest/userguide/sir-ug.pdf#containment "Open PDF")
-
-[Documentation](/index.html)[Security Incident Response](/security-ir/index.html)[](what-is.html)
-
-# Containment
-
-One definition of containment, as it relates to incident response, is the process or implementation of a strategy during the handling of a security event that acts to minimize the scope of the security event and contain the effects of unauthorized usage within the environment. 
-
-A containment strategy depends on a myriad of factors and can be different from one organization to another in terms of application of containment tactics, timing, and purpose. The [NIST SP 800-61 Computer Security Incident Handling Guide](https://csrc.nist.gov/publications/detail/sp/800-61/rev-2/final) outlines several criteria for determining the appropriate containment strategy, which includes: 
-
-  * Potential damage to and theft of resources 
-
-  * Need for evidence preservation 
-
-  * Service availability (network connectivity, services provided to external parties) 
-
-  * Time and resources needed to implement the strategy 
-
-  * Effectiveness of the strategy (partial or full containment) 
-
-  * Duration of the solution (emergency workaround to be removed in four hours, temporary workaround to be removed in two weeks, permanent solution) 
-
-
-
-
-Regarding services on AWS, however, the fundamental containment steps can be distilled down to three categories: 
-
-  * **Source containment** – Use filtering and routing to prevent access from a certain source. 
-
-  * **Technique and access containment** – Remove access to prevent unauthorized access to the affected resources. 
-
-  * **Destination containment** – Use filtering and routing to prevent access to a target resource. 
-
-
-
-
-![Warning](https://d1ge0kk1l5kms0.cloudfront.net/images/G/01/webservices/console/warning.png) **Javascript is disabled or is unavailable in your browser.**
-
-To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.
-
-[Document Conventions](/general/latest/gr/docconventions.html)
-
-Develop narratives
-
-Source containment
-
-Did this page help you? - Yes
-
-Thanks for letting us know we're doing a good job!
-
-If you've got a moment, please tell us what we did right so we can do more of it.
-
-Did this page help you? - No
-
-Thanks for letting us know this page needs work. We're sorry we let you down.
-
-If you've got a moment, please tell us how we can make the documentation better.