Class: Aws::SecurityHub::Types::AwsSecurityFinding

Inherits:
Struct
  • Object
show all
Defined in:
gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb

Overview

Provides a consistent format for Security Hub findings. AwsSecurityFinding format allows you to share findings between Amazon Web Services security services and third-party solutions.

A finding is a potential security issue generated either by Amazon Web Services services or by the integrated third-party solutions and standards checks.

Constant Summary collapse

SENSITIVE =
[]

Instance Attribute Summary collapse

Instance Attribute Details

#actionTypes::Action

Provides details about an action that affects or that was taken on a resource.

Returns:



19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#aws_account_idString

The Amazon Web Services account ID that a finding is generated in.

Returns:

  • (String)


19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#aws_account_nameString

The name of the Amazon Web Services account from which a finding was generated.

Returns:

  • (String)


19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#company_nameString

The name of the company for the product that generated the finding.

Security Hub populates this attribute automatically for each finding. You cannot update this attribute with BatchImportFindings or BatchUpdateFindings. The exception to this is a custom integration.

When you use the Security Hub console or API to filter findings by company name, you use this attribute.

Returns:

  • (String)


19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#complianceTypes::Compliance

This data type is exclusive to findings that are generated as the result of a check run against a specific rule in a supported security standard, such as CIS Amazon Web Services Foundations. Contains security standard-related finding details.

Returns:



19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#confidenceInteger

A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.

Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.

Returns:

  • (Integer)


19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#created_atString

Indicates when the security findings provider created the potential security issue that a finding captured.

Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces, and date and time should be separated by T. For example, 2020-03-22T13:22:13.933Z.

Returns:

  • (String)


19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#criticalityInteger

The level of importance assigned to the resources associated with the finding.

A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.

Returns:

  • (Integer)


19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#descriptionString

A finding's description.

In this release, Description is a required property.

Returns:

  • (String)


19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#finding_provider_fieldsTypes::FindingProviderFields

In a BatchImportFindings request, finding providers use FindingProviderFields to provide and update their own values for confidence, criticality, related findings, severity, and types.



19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#first_observed_atString

Indicates when the security findings provider first observed the potential security issue that a finding captured.

Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces, and date and time should be separated by T. For example, 2020-03-22T13:22:13.933Z.

Returns:

  • (String)


19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#generator_detailsTypes::GeneratorDetails

Provides metadata for the Amazon CodeGuru detector associated with a finding. This field pertains to findings that relate to Lambda functions. Amazon Inspector identifies policy violations and vulnerabilities in Lambda function code based on internal detectors developed in collaboration with Amazon CodeGuru. Security Hub receives those findings.



19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#generator_idString

The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security findings providers' solutions, this generator can be called a rule, a check, a detector, a plugin, etc.

Returns:

  • (String)


19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#idString

The security findings provider-specific identifier for a finding.

Returns:

  • (String)


19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#last_observed_atString

Indicates when the security findings provider most recently observed the potential security issue that a finding captured.

Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces, and date and time should be separated by T. For example, 2020-03-22T13:22:13.933Z.

Returns:

  • (String)


19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#malwareArray<Types::Malware>

A list of malware related to a finding.

Returns:



19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#networkTypes::Network

The details of network-related information about a finding.

Returns:



19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#network_pathArray<Types::NetworkPathComponent>

Provides information about a network path that is relevant to a finding. Each entry under NetworkPath represents a component of that path.

Returns:



19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#noteTypes::Note

A user-defined note added to a finding.

Returns:



19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#patch_summaryTypes::PatchSummary

Provides an overview of the patch compliance status for an instance against a selected compliance standard.

Returns:



19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#processTypes::ProcessDetails

The details of process-related information about a finding.



19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#processed_atString

An ISO8601-formatted timestamp that indicates when Security Hub received a finding and begins to process it.

A correctly formatted example is 2020-05-21T20:16:34.724Z. The value cannot contain spaces, and date and time should be separated by T. For more information, see RFC 3339 section 5.6, Internet Date/Time Format.

Returns:

  • (String)


19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#product_arnString

The ARN generated by Security Hub that uniquely identifies a product that generates findings. This can be the ARN for a third-party product that is integrated with Security Hub, or the ARN for a custom integration.

Returns:

  • (String)


19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#product_fieldsHash<String,String>

A data type where security findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format.

Can contain up to 50 key-value pairs. For each key-value pair, the key can contain up to 128 characters, and the value can contain up to 2048 characters.

Returns:

  • (Hash<String,String>)


19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#product_nameString

The name of the product that generated the finding.

Security Hub populates this attribute automatically for each finding. You cannot update this attribute with BatchImportFindings or BatchUpdateFindings. The exception to this is a custom integration.

When you use the Security Hub console or API to filter findings by product name, you use this attribute.

Returns:

  • (String)


19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#record_stateString

The record state of a finding.

Returns:

  • (String)


19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#regionString

The Region from which the finding was generated.

Security Hub populates this attribute automatically for each finding. You cannot update it using BatchImportFindings or BatchUpdateFindings.

Returns:

  • (String)


19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

A list of related findings.

Returns:



19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#remediationTypes::Remediation

A data type that describes the remediation options for a finding.

Returns:



19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#resourcesArray<Types::Resource>

A set of resource data types that describe the resources that the finding refers to.

Returns:



19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#sampleBoolean

Indicates whether the finding is a sample finding.

Returns:

  • (Boolean)


19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#schema_versionString

The schema version that a finding is formatted for.

Returns:

  • (String)


19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#severityTypes::Severity

A finding's severity.

Returns:



19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#source_urlString

A URL that links to a page about the current finding in the security findings provider's solution.

Returns:

  • (String)


19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#threat_intel_indicatorsArray<Types::ThreatIntelIndicator>

Threat intelligence details related to a finding.

Returns:



19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#threatsArray<Types::Threat>

Details about the threat detected in a security finding and the file paths that were affected by the threat.

Returns:



19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#titleString

A finding's title.

In this release, Title is a required property.

Returns:

  • (String)


19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#typesArray<String>

One or more finding types in the format of namespace/category/classifier that classify a finding.

Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications

Returns:

  • (Array<String>)


19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#updated_atString

Indicates when the security findings provider last updated the finding record.

Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces, and date and time should be separated by T. For example, 2020-03-22T13:22:13.933Z.

Returns:

  • (String)


19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#user_defined_fieldsHash<String,String>

A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.

Returns:

  • (Hash<String,String>)


19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#verification_stateString

Indicates the veracity of a finding.

Returns:

  • (String)


19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#vulnerabilitiesArray<Types::Vulnerability>

Provides a list of vulnerabilities associated with the findings.

Returns:



19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#workflowTypes::Workflow

Provides information about the status of the investigation into a finding.

Returns:



19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#workflow_stateString

The workflow state of a finding.

Returns:

  • (String)


19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19082

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end