AWS Security Finding Format (ASFF)
AWS Security Hub consumes, aggregates, organizes, and prioritizes findings from AWS security services and from the third-party product integrations. Security Hub processes these findings using a standard findings format called the AWS Security Finding Format (ASFF), which eliminates the need for time-consuming data conversion efforts. Then it correlates ingested findings across products to prioritize the most important ones.
Contents
- ASFF syntax
- ASFF attributes
- Required attributes
- Other top-level attributes
- Action
- Compliance
- FindingProviderFields
- Malware
- Network (Deprecated)
- NetworkPath
- Note
- PatchSummary
- Process
- RelatedFindings
- Remediation
- Resources
- DataClassification
- AwsApiGatewayRestApi
- AwsApiGatewayStage
- AwsApiGatewayV2Api
- AwsApiGatewayV2Stage
- AwsAutoScalingAutoScalingGroup
- AwsCertificateManagerCertificate
- AwsCloudFrontDistribution
- AwsCloudTrailTrail
- AwsCodeBuildProject
- AwsDynamoDbTable
- AwsEc2Eip
- AwsEc2Instance
- AwsEc2NetworkAcl
- AwsEc2NetworkInterface
- AwsEc2SecurityGroup
- AwsEc2Subnet
- AwsEc2Volume
- AwsEc2Vpc
- AwsEcsCluster
- AwsEcsService
- AwsEcsTaskDefinition
- ContainerDefinitions
- ContainerDefinitions.DependsOn
- ContainerDefinitions.Environment
- ContainerDefinitions.EnvironmentFiles
- ContainerDefinitions.ExtraHosts
- ContainerDefinitions.FirelensConfiguration
- ContainerDefinitions.HealthCheck
- ContainerDefinitions.LinuxParameters
- ContainerDefinitions.LogConfiguration
- ContainerDefinitions.MountPoints
- ContainerDefinitions.PortMappings
- ContainerDefinitions.RepositoryCredentials
- ContainerDefinitions.ResourceRequirements
- ContainerDefinitions.Secrets
- ContainerDefinitions.SystemControls
- ContainerDefinitions.Ulimits
- ContainerDefinitions.VolumesFrom
- InferenceAccelerators
- PlacementConstraints
- ProxyConfiguration
- Volumes
- AwsElasticBeanstalkEnvironment
- AwsElasticSearchDomain
- AwsElbLoadBalancer
- AwsElbv2LoadBalancer
- AwsIamAccessKey
- AwsIamGroup
- AwsIamPolicy
- AwsIamRole
- AwsIamUser
- AwsKmsKey
- AwsLambdaFunction
- AwsLambdaLayerVersion
- AwsRdsDbCluster
- AwsRdsDbClusterSnapshot
- AwsRdsDbInstance
- AwsRdsDbSnapshot
- AwsRdsEventSubscription
- AwsRedshiftCluster
- AwsS3AccountPublicAccessBlock
- AwsS3Bucket
- AwsS3Object
- AwsSecretsManagerSecret
- AwsSnsTopic
- AwsSqsQueue
- AwsSsmPatchCompliance
- AwsWafWebAcl
- Container
- Other
- Severity
- ThreatIntelIndicators
- Vulnerabilities
- Workflow
- Types taxonomy for ASFF
