Paws::SecurityHub::AwsSecurityFinding
This class represents one of two things:
Use the attributes of this class as arguments to methods. You shouldn't make instances of this class. Each attribute should be used as a named argument in the calls that expect this type of object.
As an example, if Att1 is expected to be a Paws::SecurityHub::AwsSecurityFinding object:
$service_obj->Method(Att1 => { Action => $value, ..., WorkflowState => $value });
Use accessors for each attribute. If Att1 is expected to be an Paws::SecurityHub::AwsSecurityFinding object:
$result = $service_obj->Method(...); $result->Att1->Action
Provides consistent format for the contents of the Security Hub-aggregated findings. AwsSecurityFinding format enables you to share findings between AWS security services and third-party solutions, and security standards checks.
AwsSecurityFinding
A finding is a potential security issue generated either by AWS services (Amazon GuardDuty, Amazon Inspector, and Amazon Macie) or by the integrated third-party solutions and standards checks.
Provides details about an action that affects or that was taken on a resource.
The AWS account ID that a finding is generated in.
This data type is exclusive to findings that are generated as the result of a check run against a specific rule in a supported security standard, such as CIS AWS Foundations. Contains security standard-related finding details.
A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.
Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.
Indicates when the security-findings provider created the potential security issue that a finding captured.
Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format (https://tools.ietf.org/html/rfc3339#section-5.6). The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
date-time
2020-03-22T13:22:13.933Z
The level of importance assigned to the resources associated with the finding.
A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.
A finding's description.
In this release, Description is a required property.
Description
In a BatchImportFindings request, finding providers use FindingProviderFields to provide and update their own values for confidence, criticality, related findings, severity, and types.
BatchImportFindings
FindingProviderFields
Indicates when the security-findings provider first observed the potential security issue that a finding captured.
The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security-findings providers' solutions, this generator can be called a rule, a check, a detector, a plugin, etc.
The security findings provider-specific identifier for a finding.
Indicates when the security-findings provider most recently observed the potential security issue that a finding captured.
A list of malware related to a finding.
The details of network-related information about a finding.
Provides information about a network path that is relevant to a finding. Each entry under NetworkPath represents a component of that path.
NetworkPath
A user-defined note added to a finding.
Provides an overview of the patch compliance status for an instance against a selected compliance standard.
The details of process-related information about a finding.
The ARN generated by Security Hub that uniquely identifies a product that generates findings. This can be the ARN for a third-party product that is integrated with Security Hub, or the ARN for a custom integration.
A data type where security-findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format.
The record state of a finding.
A list of related findings.
A data type that describes the remediation options for a finding.
A set of resource data types that describe the resources that the finding refers to.
The schema version that a finding is formatted for.
A finding's severity.
A URL that links to a page about the current finding in the security-findings provider's solution.
Threat intelligence details related to a finding.
A finding's title.
In this release, Title is a required property.
Title
One or more finding types in the format of namespace/category/classifier that classify a finding.
namespace/category/classifier
Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications
Indicates when the security-findings provider last updated the finding record.
A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.
Indicates the veracity of a finding.
Provides a list of vulnerabilities associated with the findings.
Provides information about the status of the investigation into a finding.
The workflow state of a finding.
This class forms part of Paws, describing an object used in Paws::SecurityHub
The source code is located here: https://github.com/pplu/aws-sdk-perl
Please report bugs to: https://github.com/pplu/aws-sdk-perl/issues
To install Paws, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Paws
CPAN shell
perl -MCPAN -e shell install Paws
For more information on module installation, please visit the detailed CPAN module installation guide.