AWS prescriptive-guidance documentation change
Summary
Updated Security Hub references by removing 'CSPM', modified image path, and adjusted figure caption text.
Security assessment
Changes involve terminology updates (removing 'CSPM' from Security Hub) and image path corrections. No evidence of security vulnerability fixes, incident responses, or new security capabilities. The core security architecture description remains unchanged.
Diff
diff --git a/prescriptive-guidance/latest/cmmc-level-2-compliance-on-aws/security-protection-data-flows.md b/prescriptive-guidance/latest/cmmc-level-2-compliance-on-aws/security-protection-data-flows.md index 456dc7b51..f74ccb703 100644 --- a//prescriptive-guidance/latest/cmmc-level-2-compliance-on-aws/security-protection-data-flows.md +++ b//prescriptive-guidance/latest/cmmc-level-2-compliance-on-aws/security-protection-data-flows.md @@ -25 +25 @@ Channel | Sources | Destination | Purpose -Findings pipeline | GuardDuty, Amazon Inspector, IAM Access Analyzer, AWS Config (via Config Aggregator) | Security Hub CSPM (aggregated dashboard) | Current security posture: what is the state right now? +Findings pipeline| GuardDuty, Amazon Inspector, IAM Access Analyzer, AWS Config (via Config Aggregator)| Security Hub (aggregated dashboard)| Current security posture: what is the state right now? @@ -32 +32 @@ This figure illustrates how SPD flows from source services in the CUI Workload A - + @@ -34 +34 @@ This figure illustrates how SPD flows from source services in the CUI Workload A -Figure 2: Security protection data flow architecture. Source services in the CUI Workload Account(s) feed into two parallel channels: the findings pipeline (aggregated in Security Hub CSPM) and the raw log pipeline (stored in Amazon S3 with Object Lock). Both channels feed into the evidence pipeline, which produces SSP artifacts, control-mapped evidence, POA&M tracking, and SPRS score calculations. +Figure 2: Security protection data flow architecture. Source services in the CUI Workload Account(s) feed into two parallel channels: the findings pipeline (aggregated in Security Hub) and the raw log pipeline (stored in Amazon S3 with Object Lock). Both channels feed into the evidence pipeline, which produces SSP artifacts, control-mapped evidence, POA&M tracking, and SPRS score calculations.