NAME

Paws::SecurityHub::AwsSecurityFinding

USAGE

This class represents one of two things:

Arguments in a call to a service

Use the attributes of this class as arguments to methods. You shouldn't make instances of this class. Each attribute should be used as a named argument in the calls that expect this type of object.

As an example, if Att1 is expected to be a Paws::SecurityHub::AwsSecurityFinding object:

  $service_obj->Method(Att1 => { Action => $value, ..., WorkflowState => $value  });

Results returned from an API call

Use accessors for each attribute. If Att1 is expected to be an Paws::SecurityHub::AwsSecurityFinding object:

  $result = $service_obj->Method(...);
  $result->Att1->Action

DESCRIPTION

Provides consistent format for the contents of the Security Hub-aggregated findings. "AwsSecurityFinding" format enables you to share findings between AWS security services and third-party solutions, and security standards checks.

A finding is a potential security issue generated either by AWS services (Amazon GuardDuty, Amazon Inspector, and Amazon Macie) or by the integrated third-party solutions and standards checks.

ATTRIBUTES

Action => Paws::SecurityHub::Action

Provides details about an action that affects or that was taken on a resource.

REQUIRED AwsAccountId => Str

The AWS account ID that a finding is generated in.

Compliance => Paws::SecurityHub::Compliance

This data type is exclusive to findings that are generated as the result of a check run against a specific rule in a supported security standard, such as CIS AWS Foundations. Contains security standard-related finding details.

Confidence => Int

A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.

Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.

REQUIRED CreatedAt => Str

Indicates when the security-findings provider created the potential security issue that a finding captured.

Uses the "date-time" format specified in RFC 3339 section 5.6, Internet Date/Time Format (https://tools.ietf.org/html/rfc3339#section-5.6). The value cannot contain spaces. For example, "2020-03-22T13:22:13.933Z".

Criticality => Int

The level of importance assigned to the resources associated with the finding.

A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.

REQUIRED Description => Str

A finding's description.

In this release, "Description" is a required property.

FindingProviderFields => Paws::SecurityHub::FindingProviderFields

In a "BatchImportFindings" request, finding providers use "FindingProviderFields" to provide and update their own values for confidence, criticality, related findings, severity, and types.

FirstObservedAt => Str

Indicates when the security-findings provider first observed the potential security issue that a finding captured.

REQUIRED GeneratorId => Str

The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security-findings providers' solutions, this generator can be called a rule, a check, a detector, a plugin, etc.

REQUIRED Id => Str

The security findings provider-specific identifier for a finding.

LastObservedAt => Str

Indicates when the security-findings provider most recently observed the potential security issue that a finding captured.

Malware => ArrayRef[Paws::SecurityHub::Malware]

A list of malware related to a finding.

Network => Paws::SecurityHub::Network

The details of network-related information about a finding.

NetworkPath => ArrayRef[Paws::SecurityHub::NetworkPathComponent]

Provides information about a network path that is relevant to a finding. Each entry under "NetworkPath" represents a component of that path.

Note => Paws::SecurityHub::Note

A user-defined note added to a finding.

PatchSummary => Paws::SecurityHub::PatchSummary

Provides an overview of the patch compliance status for an instance against a selected compliance standard.

Process => Paws::SecurityHub::ProcessDetails

The details of process-related information about a finding.

REQUIRED ProductArn => Str

The ARN generated by Security Hub that uniquely identifies a product that generates findings. This can be the ARN for a third-party product that is integrated with Security Hub, or the ARN for a custom integration.

ProductFields => Paws::SecurityHub::FieldMap

A data type where security-findings providers can include additional solution-specific details that aren't part of the defined "AwsSecurityFinding" format.