You are viewing documentation for version 2 of the AWS SDK for Ruby. Version 3 documentation can be found here.

Class: Aws::SecurityHub::Types::ThreatIntelIndicator

Inherits:
Struct
  • Object
show all
Defined in:
(unknown)

Overview

Note:

When passing ThreatIntelIndicator as input to an Aws::Client method, you can use a vanilla Hash:

{
  type: "DOMAIN", # accepts DOMAIN, EMAIL_ADDRESS, HASH_MD5, HASH_SHA1, HASH_SHA256, HASH_SHA512, IPV4_ADDRESS, IPV6_ADDRESS, MUTEX, PROCESS, URL
  value: "NonEmptyString",
  category: "BACKDOOR", # accepts BACKDOOR, CARD_STEALER, COMMAND_AND_CONTROL, DROP_SITE, EXPLOIT_SITE, KEYLOGGER
  last_observed_at: "NonEmptyString",
  source: "NonEmptyString",
  source_url: "NonEmptyString",
}

Details about the threat intel related to a finding.

Instance Attribute Summary collapse

Instance Attribute Details

#categoryString

The category of a threat intel indicator.

Possible values:

  • BACKDOOR
  • CARD_STEALER
  • COMMAND_AND_CONTROL
  • DROP_SITE
  • EXPLOIT_SITE
  • KEYLOGGER

Returns:

  • (String)

    The category of a threat intel indicator.

#last_observed_atString

The date and time when the most recent instance of a threat intel indicator was observed.

Returns:

  • (String)

    The date and time when the most recent instance of a threat intel indicator was observed.

#sourceString

The source of the threat intel indicator.

Returns:

  • (String)

    The source of the threat intel indicator.

#source_urlString

The URL to the page or site where you can get more information about the threat intel indicator.

Returns:

  • (String)

    The URL to the page or site where you can get more information about the threat intel indicator.

#typeString

The type of a threat intel indicator.

Possible values:

  • DOMAIN
  • EMAIL_ADDRESS
  • HASH_MD5
  • HASH_SHA1
  • HASH_SHA256
  • HASH_SHA512
  • IPV4_ADDRESS
  • IPV6_ADDRESS
  • MUTEX
  • PROCESS
  • URL

Returns:

  • (String)

    The type of a threat intel indicator.

#valueString

The value of a threat intel indicator.

Returns:

  • (String)

    The value of a threat intel indicator.