Revisions - Automated Security Response on AWS

Revisions

Date Change
August 2020 Initial release
October 2020 Added additional troubleshooting information to Appendix C.
November 2020 Added deployment instructions for China regions; updated solution deployment instructions for the Security Hub admin account; for more information, refer to the CHANGELOG.md file in the GitHub repository.
April 2021 Release v1.2.0: Added new playbook architecture and new FSBP remediations. For more information, refer to the CHANGELOG.md file in the GitHub repository.
May 2021 Release v1.2.1: Bug fix for an issue affecting EC2.2 and EC2.7. For more information, refer to the CHANGELOG.md file in the GitHub repository.
August 2021 Release v1.3.0: Added PCI DSS v3.2.1 Playbook. Added 17 new remediations to CIS v1.2.0. Added four new remediations to FSBP. Converted CIS to use new playbook architecture based on SSM runbooks. Added instructions to extend existing Playbooks with customer-defined remediations. For more information, refer to the CHANGELOG.md file in the GitHub repository.
September 2021 Release v1.3.1: CreateLogMetricFilterAndAlarm.py changed to make Actions active, add SNS notification to SO0111-SHARR-LocalAlarmNotification. Changed CIS 2.8 remediation to match new finding data format. For more information, refer to the CHANGELOG.md file in the GitHub repository.
November 2021 Release v1.3.2: Bug fixes for CIS v1.2.0 controls 3.1 - 3.14. For more information, refer to the CHANGELOG.md file in the GitHub repository.
December 2021 Release v1.4.0: The solution can now be deployed using StackSets. Cross-Region remediation is now supported in addition to cross-account. Member account IAM roles are now retained when the stack is removed. For more information, refer to the CHANGELOG.md file in the GitHub repository.
January 2022 Release v1.4.1: Bug fixes. For more information, refer to the CHANGELOG.md file in the GitHub repository.
January 2022 Release v1.4.2: Bug fixes. For more information, refer to the CHANGELOG.md file in the GitHub repository.
June 2022 Release v1.5.0: Additional remediations. For more information, refer to the CHANGELOG.md file in the GitHub repository.
December 2022 Release 1.5.1: Switched SSM document creation from Custom Resource Lambda to CfnDocument. The prefix for the SSM document names is updated to start with ASR instead of SHARR. For more information, refer to the CHANGELOG.md file in the GitHub repository.
March 2023 Release 2.0.0: Added support for security controls and CIS v1.4.0 standards, five new remediations to FSBP standards, one new remediation to CIS v1.2.0 standards, the service catalog AppRegistry integration, and additional protections to avoid deployment failure due to SSM document throttling. For more information, refer to the CHANGELOG.md file in the GitHub repository.
April 2023 Release 2.0.1: Mitigated impact caused by new default settings for S3 Object Ownership (ACLs disabled) for all new S3 buckets. For more information, refer to the CHANGELOG.md file in the GitHub repository.
May 2023 Documentation update: Updated Well-Architected definitions, added guidance on where to deploy each stack, additional Troubleshooting edition of issues with specific remediation, and updated code examples in SNS notification.
July 2023 Documentation update: Updated the architecture diagram and the solution components in the workflow.
October 2023 Release 2.0.2: Updated package versions to resolve security vulnerabilities. For more information, refer to the CHANGELOG.md file in the GitHub repository.
November 2023 Documentation update: Added Confirm cost tags associated with the solution to the Monitoring the solution with AWS Service Catalog AppRegistry section.
March 2024 Release 2.1.0: Added support for the NIST standard, added 17 new remediations to FSBP standards, added CloudWatch dashboard for monitoring solution, added throttling handler to architecture, added support for Security Hub customizable input parameters, and added support for remediating Config findings. For more information, refer to the CHANGELOG.md file in the GitHub repository.
April 2024 Release 2.1.1: Updates to CloudFormation parameter order and default values. Documentation update: Added references to NIST standard. Added information regarding EventBridge rule service quotas. For more information, refer to the CHANGELOG.md file in the GitHub repository.
June 2024 Release 2.1.2: Disabled AppRegistry for certain playbooks to avoid errors when updating the solution. For more information, refer to the CHANGELOG.md file in the GitHub repository.
September 2024 Release 2.1.3: Resolved an issue in the remediation scripts for EC2.18 and EC2.19 where security group rules with IpProtocol set to -1 were being incorrectly ignored. Upgraded all Python runtimes in remediation SSM documents from Python 3.8 to Python 3.11. For more information, refer to the CHANGELOG.md file in the GitHub repository.
November 2024 Release 2.1.4: Upgraded Python runtimes in all control runbooks from Python 3.8 to Python 3.11. For more information, refer to the CHANGELOG.md file in the GitHub repository.