Reviewing details for an exposure finding in the Security Hub console Reviewing details for an exposure finding with the API

Reviewing details for exposure findings

Note

Security Hub is in preview release and is subject to change.

This topic describes how to review details about exposure findings in the Security Hub console and with the API.

Reviewing details for an exposure finding in the Security Hub console

To view details for an exposure finding in the Security Hub console

Sign in using your credentials, and open the Security Hub console at https://console.aws.amazon.com/securityhub/v2/home?region=us-east-1.
From the navigation pane, choose Exposures.
Choose an exposure finding that you want to view details.

Reviewing details for an exposure finding with the API

You can review exposure findings with the GetFindingsV2 API or with the AWS CLI. You can filter the results with the FindingProviderFieldsTypes parameter and by providing a filter value of Exposure/EC2 if you only want to return exposure findings for EC2 instances. You can filter by other fields to narrow down results.

Example command

The following is a AWS CLI example that retrieves the 10 most recently generated exposure findings in your account. This example is formatted for Linux, macOS, or Unix, and it uses the backslash (\) line-continuation character to improve readability.


aws securityhub get-findings-v2 \
                    --max-results '10' \
                    --filter '{"CompositeFilters": [{"StringFilters": [{"FieldName":"finding_info.title","Filter": {"Value":"GuardDuty","Comparison":"PREFIX"}} ]}]}'

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Reviewing exposure findings

Remediating exposure findings