AWS Security Hub today released updates and additions to AWS Security Finding Format (ASFF) that enable integrated Security Hub partners to send richer, more detailed findings to Security Hub. We have added a new Severity.Label field that is intended to replace the Severity.Normalized field. Severity.Label allows for informational, low, medium, high, and critical values, and each finding provider will select the appropriate value for their finding. If a finding is missing the Severity.Label field, Security Hub will automatically populate it based on the existing Severity.Normalized field. We are also updating how we track the status of the investigation into a finding. The existing WorkflowState field is deprecated. We have added a new Workflow object to contain information about the investigation workflow. It currently contains a single field, Status, which replaces the deprecated WorkflowState. Next, we have added new fields to the AwsS3Bucket resource details and added a new AwsS3Object resource type and corresponding details object. Finally, we added the following new resource types. These resource types do not yet have a corresponding details objects: AwsApiGatewayMethod, AwsApiGatewayRestApi, AwsAppStreamFleet, AwsCertificateManagerCertificate, AwsCloudFormationStack, AwsCloudWatchAlarm, AwsCodeCommitRepository, AwsCodeDeployApplication, AwsCodeDeployDeploymentGroup, AwsCodePipelinePipeline, AwsCognitoIdentityPool, AwsCognitoUserPool, AwsEcsService, AwsEcsTaskDefinition, AwsEfsFileSystem, AwsEksCluster, AwsElastiCacheCacheCluster, AwsElbLoadBalancer, AwsEmrCluster, AwsKinesisStream, and AwsLogsLogGroup.