AWS Security ChangesHomeSearch

AWS prescriptive-guidance documentation change

Service: prescriptive-guidance · 2026-07-10 · Documentation low

File: prescriptive-guidance/latest/essential-eight-maturity/multi-factor-authentication.md

Summary

Updated document title to clarify audience scope (Australian organizations) and corrected formatting/spacing in logging section. Fixed a broken URL link for SEC04-BP02 best practice.

Security assessment

The changes are editorial improvements (title clarification, formatting fixes) and a URL correction. There is no evidence of addressing a specific vulnerability, security weakness, or incident. The content still discusses MFA logging best practices but doesn't introduce new security concepts.

Diff

diff --git a/prescriptive-guidance/latest/essential-eight-maturity/multi-factor-authentication.md b/prescriptive-guidance/latest/essential-eight-maturity/multi-factor-authentication.md
index 6a7a4345f..890e91ed1 100644
--- a//prescriptive-guidance/latest/essential-eight-maturity/multi-factor-authentication.md
+++ b//prescriptive-guidance/latest/essential-eight-maturity/multi-factor-authentication.md
@@ -5 +5 @@
-[Documentation](/index.html)[AWS Prescriptive Guidance](https://aws.amazon.com/prescriptive-guidance/)[Reaching Essential Eight maturity on AWS](introduction.html)
+[Documentation](/index.html)[AWS Prescriptive Guidance](https://aws.amazon.com/prescriptive-guidance/)[Reaching Essential Eight maturity on AWS: Security and compliance for Australian organizations](introduction.html)
@@ -20 +20 @@ Multi-factor authentication is verifier impersonation resistant and uses either:
-Successful and unsuccessful multi-factor authentications are centrally logged and protected from unauthorised modification and deletion, monitored for signs of compromise, and actioned when cyber security events are detected. | [Theme 7: Centralise logging and monitoring](./theme-7.html): Enable logging[Theme 7: Centralise logging and monitoring](./theme-7.html): Centralise logs | [Centralise CloudWatch Logs in an account for auditing and analysis](https://aws.amazon.com/blogs/architecture/stream-amazon-cloudwatch-logs-to-a-centralized-account-for-audit-and-analysis/) (AWS blog post)[Centralize management of Amazon Inspector](https://docs.aws.amazon.com/inspector/latest/user/managing-multiple-accounts.html)[Centralise management of Security Hub CSPM](https://docs.aws.amazon.com/securityhub/latest/userguide/designate-orgs-admin-account.html)[Create an organisation-wide aggregator in AWS Config](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-trail-organization.html) (AWS blog post)[Centralise management of GuardDuty](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_organizations.html)[Consider using Security Lake](https://docs.aws.amazon.com/security-lake/latest/userguide/what-is-security-lake.html)[Receive CloudTrail logs from multiple accounts](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-receive-logs-from-multiple-accounts.html)[Send logs to a log archive account](https://docs.aws.amazon.com/whitepapers/latest/organizing-your-aws-environment/security-ou-and-accounts.html#log-archive-account) | [SEC04-BP01 Configure service and application logging](https://docs.aws.amazon.com/wellarchitected/latest/security-pillar/sec_detect_investigate_events_app_service_logging.html)[SEC04-BP02 Capture logs, findings, and metrics in standardized locations](https://docs.aws.amazon.com/wellarchitected/latest/security-pillar/sec_detect_investigate_events_logs.html)  
+Successful and unsuccessful multi-factor authentications are centrally logged and protected from unauthorised modification and deletion, monitored for signs of compromise, and actioned when cyber security events are detected.| [Theme 7: Centralise logging and monitoring](./theme-7.html): Enable logging[Theme 7: Centralise logging and monitoring](./theme-7.html): Centralise logs| [Centralise CloudWatch Logs in an account for auditing and analysis](https://aws.amazon.com/blogs/architecture/stream-amazon-cloudwatch-logs-to-a-centralized-account-for-audit-and-analysis/) (AWS blog post)[Centralize management of Amazon Inspector](https://docs.aws.amazon.com/inspector/latest/user/managing-multiple-accounts.html)[Centralise management of Security Hub CSPM](https://docs.aws.amazon.com/securityhub/latest/userguide/designate-orgs-admin-account.html)[Create an organisation-wide aggregator in AWS Config](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-trail-organization.html) (AWS blog post)[Centralise management of GuardDuty](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_organizations.html)[Consider using Security Lake](https://docs.aws.amazon.com/security-lake/latest/userguide/what-is-security-lake.html)[Receive CloudTrail logs from multiple accounts](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-receive-logs-from-multiple-accounts.html)[Send logs to a log archive account](https://docs.aws.amazon.com/whitepapers/latest/organizing-your-aws-environment/security-ou-and-accounts.html#log-archive-account)| [SEC04-BP01 Configure service and application logging](https://docs.aws.amazon.com/wellarchitected/latest/security-pillar/sec_detect_investigate_events_app_service_logging.html)[SEC04-BP02 Capture logs, findings, and metrics in standardized locations](https://docs.aws.amazon.com/wellarchitected/latest/framework/sec_detect_investigate_events_logs.html)