Class: Aws::SecurityHub::Types::AwsSecurityFinding

Inherits:

Struct

• Object
• Struct
• Aws::SecurityHub::Types::AwsSecurityFinding

Defined in:

gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb

Overview

Provides a consistent format for Security Hub findings. AwsSecurityFinding format allows you to share findings between Amazon Web Services security services and third-party solutions.

A finding is a potential security issue generated either by Amazon Web Services services or by the integrated third-party solutions and standards checks.

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #action ⇒ Types::Action

  Provides details about an action that affects or that was taken on a resource.

• #aws_account_id ⇒ String

  The Amazon Web Services account ID that a finding is generated in.

• #aws_account_name ⇒ String

  The name of the Amazon Web Services account from which a finding was generated.

• #company_name ⇒ String

  The name of the company for the product that generated the finding.

• #compliance ⇒ Types::Compliance

  This data type is exclusive to findings that are generated as the result of a check run against a specific rule in a supported security standard, such as CIS Amazon Web Services Foundations.

• #confidence ⇒ Integer

  A finding's confidence.

• #created_at ⇒ String

  Indicates when the security findings provider created the potential security issue that a finding captured.

• #criticality ⇒ Integer

  The level of importance assigned to the resources associated with the finding.

• #description ⇒ String

  A finding's description.

• #finding_provider_fields ⇒ Types::FindingProviderFields

  In a BatchImportFindings request, finding providers use FindingProviderFields to provide and update their own values for confidence, criticality, related findings, severity, and types.

• #first_observed_at ⇒ String

  Indicates when the security findings provider first observed the potential security issue that a finding captured.

• #generator_details ⇒ Types::GeneratorDetails

  Provides metadata for the Amazon CodeGuru detector associated with a finding.

• #generator_id ⇒ String

  The identifier for the solution-specific component (a discrete unit of logic) that generated a finding.

• #id ⇒ String

  The security findings provider-specific identifier for a finding.

• #last_observed_at ⇒ String

  Indicates when the security findings provider most recently observed the potential security issue that a finding captured.

• #malware ⇒ Array<Types::Malware>

  A list of malware related to a finding.

• #network ⇒ Types::Network

  The details of network-related information about a finding.

• #network_path ⇒ Array<Types::NetworkPathComponent>

  Provides information about a network path that is relevant to a finding.

• #note ⇒ Types::Note

  A user-defined note added to a finding.

• #patch_summary ⇒ Types::PatchSummary

  Provides an overview of the patch compliance status for an instance against a selected compliance standard.

• #process ⇒ Types::ProcessDetails

  The details of process-related information about a finding.

• #processed_at ⇒ String

  A timestamp that indicates when Security Hub received a finding and begins to process it.

• #product_arn ⇒ String

  The ARN generated by Security Hub that uniquely identifies a product that generates findings.

• #product_fields ⇒ Hash<String,String>

  A data type where security findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format.

• #product_name ⇒ String

  The name of the product that generated the finding.

• #record_state ⇒ String

  The record state of a finding.

• #region ⇒ String

  The Region from which the finding was generated.

• #related_findings ⇒ Array<Types::RelatedFinding>

  A list of related findings.

• #remediation ⇒ Types::Remediation

  A data type that describes the remediation options for a finding.

• #resources ⇒ Array<Types::Resource>

  A set of resource data types that describe the resources that the finding refers to.

• #sample ⇒ Boolean

  Indicates whether the finding is a sample finding.

• #schema_version ⇒ String

  The schema version that a finding is formatted for.

• #severity ⇒ Types::Severity

  A finding's severity.

• #source_url ⇒ String

  A URL that links to a page about the current finding in the security findings provider's solution.

• #threat_intel_indicators ⇒ Array<Types::ThreatIntelIndicator>

  Threat intelligence details related to a finding.

• #threats ⇒ Array<Types::Threat>

  Details about the threat detected in a security finding and the file paths that were affected by the threat.

• #title ⇒ String

  A finding's title.

• #types ⇒ Array<String>

  One or more finding types in the format of namespace/category/classifier that classify a finding.

• #updated_at ⇒ String

  Indicates when the security findings provider last updated the finding record.

• #user_defined_fields ⇒ Hash<String,String>

  A list of name/value string pairs associated with the finding.

• #verification_state ⇒ String

  Indicates the veracity of a finding.

• #vulnerabilities ⇒ Array<Types::Vulnerability>

  Provides a list of vulnerabilities associated with the findings.

• #workflow ⇒ Types::Workflow

  Provides information about the status of the investigation into a finding.

• #workflow_state ⇒ String

  The workflow state of a finding.

Instance Attribute Details

#action ⇒ Types::Action

Provides details about an action that affects or that was taken on a resource.

Returns:

• (Types::Action)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#aws_account_id ⇒ String

The Amazon Web Services account ID that a finding is generated in.

Length Constraints: 12.

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#aws_account_name ⇒ String

The name of the Amazon Web Services account from which a finding was generated.

Length Constraints: Minimum length of 1. Maximum length of 50.

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#company_name ⇒ String

The name of the company for the product that generated the finding.

Security Hub populates this attribute automatically for each finding. You cannot update this attribute with BatchImportFindings or BatchUpdateFindings. The exception to this is a custom integration.

When you use the Security Hub console or API to filter findings by company name, you use this attribute.

Length Constraints: Minimum length of 1. Maximum length of 128.

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#compliance ⇒ Types::Compliance

This data type is exclusive to findings that are generated as the result of a check run against a specific rule in a supported security standard, such as CIS Amazon Web Services Foundations. Contains security standard-related finding details.

Returns:

• (Types::Compliance)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#confidence ⇒ Integer

A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.

Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.

Returns:

• (Integer)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#created_at ⇒ String

Indicates when the security findings provider created the potential security issue that a finding captured.

This field accepts only the specified formats. Timestamps can end with Z or ("+" / "-") time-hour [":" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

• YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)

• YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)

• YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)

• YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)

• YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#criticality ⇒ Integer

The level of importance assigned to the resources associated with the finding.

A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.

Returns:

• (Integer)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#description ⇒ String

A finding's description. Description is a required property.

Length Constraints: Minimum length of 1. Maximum length of 1024.

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#finding_provider_fields ⇒ Types::FindingProviderFields

In a BatchImportFindings request, finding providers use FindingProviderFields to provide and update their own values for confidence, criticality, related findings, severity, and types.

Returns:

• (Types::FindingProviderFields)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#first_observed_at ⇒ String

Indicates when the security findings provider first observed the potential security issue that a finding captured.

This field accepts only the specified formats. Timestamps can end with Z or ("+" / "-") time-hour [":" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

• YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)

• YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)

• YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)

• YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)

• YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#generator_details ⇒ Types::GeneratorDetails

Provides metadata for the Amazon CodeGuru detector associated with a finding. This field pertains to findings that relate to Lambda functions. Amazon Inspector identifies policy violations and vulnerabilities in Lambda function code based on internal detectors developed in collaboration with Amazon CodeGuru. Security Hub receives those findings.

Returns:

• (Types::GeneratorDetails)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#generator_id ⇒ String

The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security findings providers' solutions, this generator can be called a rule, a check, a detector, a plugin, or something else.

Length Constraints: Minimum length of 1. Maximum length of 512.

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#id ⇒ String

The security findings provider-specific identifier for a finding.

Length Constraints: Minimum length of 1. Maximum length of 512.

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#last_observed_at ⇒ String

Indicates when the security findings provider most recently observed the potential security issue that a finding captured.

This field accepts only the specified formats. Timestamps can end with Z or ("+" / "-") time-hour [":" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

• YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)

• YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)

• YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)

• YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)

• YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#malware ⇒ Array<Types::Malware>

A list of malware related to a finding.

Array Members: Maximum number of 5 items.

Returns:

• (Array<Types::Malware>)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#network ⇒ Types::Network

The details of network-related information about a finding.

Returns:

• (Types::Network)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#network_path ⇒ Array<Types::NetworkPathComponent>

Provides information about a network path that is relevant to a finding. Each entry under NetworkPath represents a component of that path.

Returns:

• (Array<Types::NetworkPathComponent>)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#note ⇒ Types::Note

A user-defined note added to a finding.

Returns:

• (Types::Note)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#patch_summary ⇒ Types::PatchSummary

Provides an overview of the patch compliance status for an instance against a selected compliance standard.

Returns:

• (Types::PatchSummary)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#process ⇒ Types::ProcessDetails

The details of process-related information about a finding.

Returns:

• (Types::ProcessDetails)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#processed_at ⇒ String

A timestamp that indicates when Security Hub received a finding and begins to process it.

This field accepts only the specified formats. Timestamps can end with Z or ("+" / "-") time-hour [":" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

• YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)

• YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)

• YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)

• YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)

• YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#product_arn ⇒ String

The ARN generated by Security Hub that uniquely identifies a product that generates findings. This can be the ARN for a third-party product that is integrated with Security Hub, or the ARN for a custom integration.

Length Constraints: Minimum length of 12. Maximum length of 2048.

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#product_fields ⇒ Hash<String,String>

A data type where security findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format.

Can contain up to 50 key-value pairs. For each key-value pair, the key can contain up to 128 characters, and the value can contain up to 2048 characters.

Returns:

• (Hash<String,String>)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#product_name ⇒ String

The name of the product that generated the finding.

Security Hub populates this attribute automatically for each finding. You cannot update this attribute with BatchImportFindings or BatchUpdateFindings. The exception to this is a custom integration.

When you use the Security Hub console or API to filter findings by product name, you use this attribute.

Length Constraints: Minimum length of 1. Maximum length of 128.

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#record_state ⇒ String

The record state of a finding.

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#region ⇒ String

The Region from which the finding was generated.

Security Hub populates this attribute automatically for each finding. You cannot update it using BatchImportFindings or BatchUpdateFindings.

Length Constraints: Minimum length of 1. Maximum length of 16.

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#related_findings ⇒ Array<Types::RelatedFinding>

A list of related findings.

Array Members: Minimum number of 1 item. Maximum number of 10 items.

Returns:

• (Array<Types::RelatedFinding>)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#remediation ⇒ Types::Remediation

A data type that describes the remediation options for a finding.

Returns:

• (Types::Remediation)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#resources ⇒ Array<Types::Resource>

A set of resource data types that describe the resources that the finding refers to.

Array Members: Minimum number of 1 item. Maximum number of 32 items.

Returns:

• (Array<Types::Resource>)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#sample ⇒ Boolean

Indicates whether the finding is a sample finding.

Returns:

• (Boolean)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#schema_version ⇒ String

The schema version that a finding is formatted for. The value is 2018-10-08.

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#severity ⇒ Types::Severity

A finding's severity.

Returns:

• (Types::Severity)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#source_url ⇒ String

A URL that links to a page about the current finding in the security findings provider's solution.

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#threat_intel_indicators ⇒ Array<Types::ThreatIntelIndicator>

Threat intelligence details related to a finding.

Array Members: Minimum number of 1 item. Maximum number of 5 items.

Returns:

• (Array<Types::ThreatIntelIndicator>)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#threats ⇒ Array<Types::Threat>

Details about the threat detected in a security finding and the file paths that were affected by the threat.

Array Members: Minimum number of 1 item. Maximum number of 32 items.

Returns:

• (Array<Types::Threat>)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#title ⇒ String

A finding's title. Title is a required property.

Length Constraints: Minimum length of 1. Maximum length of 256.

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#types ⇒ Array<String>

One or more finding types in the format of namespace/category/classifier that classify a finding.

Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications

Array Members: Maximum number of 50 items.

Returns:

• (Array<String>)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#updated_at ⇒ String

Indicates when the security findings provider last updated the finding record.

This field accepts only the specified formats. Timestamps can end with Z or ("+" / "-") time-hour [":" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

• YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)

• YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)

• YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)

• YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)

• YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#user_defined_fields ⇒ Hash<String,String>

A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.

Can contain up to 50 key-value pairs. For each key-value pair, the key can contain up to 128 characters, and the value can contain up to 1024 characters.

Returns:

• (Hash<String,String>)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#verification_state ⇒ String

Indicates the veracity of a finding.

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#vulnerabilities ⇒ Array<Types::Vulnerability>

Provides a list of vulnerabilities associated with the findings.

Returns:

• (Array<Types::Vulnerability>)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#workflow ⇒ Types::Workflow

Provides information about the status of the investigation into a finding.

Returns:

• (Types::Workflow)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#workflow_state ⇒ String

The workflow state of a finding.

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19959

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end