[ramimac]

Not sure how the link got munged, but the root is https://docs.aws.amazon.com/securityhub/latest/userguide/gua...

It's definitely a bit of a simplification - although I'm not aware of large orgs using anything else to meet the relevant PCI requirement

The whitepaper AWS commissioned helping explain GuardDuty to auditors[1] is definitely a large component there

[1] https://d1.awsstatic.com/certifications/foregenix_amazon_gua...

[acdha]

That doesn’t mean that they’re saying Guard Duty is required but rather that it’s one way to satisfy that need. If you picked a different product, you could disable that control in Security Hub.