AWS prescriptive-guidance documentation change
Summary
Replaced 'Security Hub CSPM' with 'Security Hub' in MSSP context and service mapping table; formatting adjustments
Security assessment
Terminology update from 'Security Hub CSPM' to 'Security Hub' without altering security functionality. No evidence of security vulnerability fixes. References to SPD handling and compliance features remain consistent with previous documentation.
Diff
diff --git a/prescriptive-guidance/latest/cmmc-level-2-compliance-on-aws/faq.md b/prescriptive-guidance/latest/cmmc-level-2-compliance-on-aws/faq.md index 4e39dc541..3eda4e29d 100644 --- a//prescriptive-guidance/latest/cmmc-level-2-compliance-on-aws/faq.md +++ b//prescriptive-guidance/latest/cmmc-level-2-compliance-on-aws/faq.md @@ -297 +297 @@ Yes. Both the MSP and the MSSP qualify as ESPs and will be assessed as part of t -On AWS, this scenario commonly arises when an organization uses a third-party MSP to administer their AWS environment and a separate MSSP to manage Security Hub CSPM, GuardDuty, or other security tooling. Even though CUI is not sent to these providers, they handle SPD (log files, configuration data, vulnerability data, credentials) and are in scope. +On AWS, this scenario commonly arises when an organization uses a third-party MSP to administer their AWS environment and a separate MSSP to manage Security Hub, GuardDuty, or other security tooling. Even though CUI is not sent to these providers, they handle SPD (log files, configuration data, vulnerability data, credentials) and are in scope. @@ -395 +395 @@ AWS Config | ~19 controls | Baselines, compliance rules, drift detection -AWS Security Hub CSPM | ~13 controls | Compliance findings, standards, evidence aggregation +AWS Security Hub| ~13 controls| Compliance findings, standards, evidence aggregation @@ -451 +451 @@ AWS provides services, resources, and programs designed to support your CMMC com - * Security Hub CSPM: Aggregates security findings and checks compliance against standards including NIST SP 800-171. + * Security Hub: Aggregates security findings and checks compliance against standards including NIST SP 800-171.