Class: Aws::SecurityHub::Types::FindingProviderFields
- Inherits:
-
Struct
- Object
- Struct
- Aws::SecurityHub::Types::FindingProviderFields
- Includes:
- Aws::Structure
- Defined in:
- lib/aws-sdk-securityhub/types.rb
Overview
In a [ ‘BatchImportFindings` ][1] request, finding providers use `FindingProviderFields` to provide and update values for the following fields:
-
‘Confidence`
-
‘Criticality`
-
‘RelatedFindings`
-
‘Severity`
-
‘Types`
The preceding fields are nested under the ‘FindingProviderFields` object, but also have analogues of the same name as top-level ASFF fields. When a new finding is sent to Security Hub by a finding provider, Security Hub populates the `FindingProviderFields` object automatically, if it is empty, based on the corresponding top-level fields.
Finding providers can update ‘FindingProviderFields` only by using the `BatchImportFindings` operation. Finding providers can’t update this object with the [ ‘BatchUpdateFindings` ][2] operation. Customers can update the top-level fields by using the `BatchUpdateFindings` operation. Customers can’t update ‘FindingProviderFields`.
For information about how Security Hub handles updates from ‘BatchImportFindings` to `FindingProviderFields` and to the corresponding top-level attributes, see [Using `FindingProviderFields` ][3] in the *Security Hub User Guide*.
[1]: docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchImportFindings.html [2]: docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateFindings.html [3]: docs.aws.amazon.com/securityhub/latest/userguide/finding-update-batchimportfindings.html#batchimportfindings-findingproviderfields
Constant Summary collapse
- SENSITIVE =
[]
Instance Attribute Summary collapse
-
#confidence ⇒ Integer
A finding’s confidence.
-
#criticality ⇒ Integer
The level of importance assigned to the resources associated with the finding.
-
#related_findings ⇒ Array<Types::RelatedFinding>
A list of findings that are related to the current finding.
-
#severity ⇒ Types::FindingProviderSeverity
The severity of a finding.
-
#types ⇒ Array<String>
One or more finding types in the format of ‘namespace/category/classifier` that classify a finding.
Instance Attribute Details
#confidence ⇒ Integer
A finding’s confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.
Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.
24095 24096 24097 24098 24099 24100 24101 24102 24103 |
# File 'lib/aws-sdk-securityhub/types.rb', line 24095 class FindingProviderFields < Struct.new( :confidence, :criticality, :related_findings, :severity, :types) SENSITIVE = [] include Aws::Structure end |
#criticality ⇒ Integer
The level of importance assigned to the resources associated with the finding.
A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.
24095 24096 24097 24098 24099 24100 24101 24102 24103 |
# File 'lib/aws-sdk-securityhub/types.rb', line 24095 class FindingProviderFields < Struct.new( :confidence, :criticality, :related_findings, :severity, :types) SENSITIVE = [] include Aws::Structure end |
#related_findings ⇒ Array<Types::RelatedFinding>
A list of findings that are related to the current finding.
24095 24096 24097 24098 24099 24100 24101 24102 24103 |
# File 'lib/aws-sdk-securityhub/types.rb', line 24095 class FindingProviderFields < Struct.new( :confidence, :criticality, :related_findings, :severity, :types) SENSITIVE = [] include Aws::Structure end |
#severity ⇒ Types::FindingProviderSeverity
The severity of a finding.
24095 24096 24097 24098 24099 24100 24101 24102 24103 |
# File 'lib/aws-sdk-securityhub/types.rb', line 24095 class FindingProviderFields < Struct.new( :confidence, :criticality, :related_findings, :severity, :types) SENSITIVE = [] include Aws::Structure end |
#types ⇒ Array<String>
One or more finding types in the format of ‘namespace/category/classifier` that classify a finding.
Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications
24095 24096 24097 24098 24099 24100 24101 24102 24103 |
# File 'lib/aws-sdk-securityhub/types.rb', line 24095 class FindingProviderFields < Struct.new( :confidence, :criticality, :related_findings, :severity, :types) SENSITIVE = [] include Aws::Structure end |