Struct rusoto_securityhub::AwsSecurityFinding
Provides a consistent format for the contents of the Security Hub-aggregated findings. The AwsSecurityFinding format enables you to share findings between AWS security services, third-party solutions, and security standards checks.
A finding is a potential security issue generated either by AWS services (Amazon GuardDuty, Amazon Inspector, and Amazon Macie) or by the integrated third-party solutions and standards checks.
Fields
aws_account_id: String
The AWS account ID that a finding is generated in.
compliance: Option<Compliance>
This data type is exclusive to findings that are generated as the result of a check run against a specific rule in a supported security standard, such as CIS AWS Foundations. Contains security standard-related finding details.
confidence: Option<i64>
A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.
Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.
created_at: String
An ISO8601-formatted timestamp that indicates when the security-findings provider created the potential security issue that a finding captured.
criticality: Option<i64>
The level of importance assigned to the resources associated with the finding.
A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.
description: String
A finding's description.
In this release, Description is a required property.
first_observed_at: Option<String>
An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured.
generator_id: String
The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security-findings providers' solutions, this generator can be called a rule, a check, a detector, a plugin, etc.
id: String
The security findings provider-specific identifier for a finding.
last_observed_at: Option<String>
An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured.
malware: Option<Vec<Malware>>
A list of malware related to a finding.
network: Option<Network>
The details of network-related information about a finding.
network_path: Option<Vec<NetworkPathComponent>>
Provides information about a network path that is relevant to a finding. Each entry under NetworkPath represents a component of that path.
note: Option<Note>
A user-defined note added to a finding.
process: Option<ProcessDetails>
The details of process-related information about a finding.
product_arn: String
The ARN generated by Security Hub that uniquely identifies a product that generates findings. This can be the ARN for a third-party product that is integrated with Security Hub, or the ARN for a custom integration.
product_fields: Option<HashMap<String, String>>
A data type where security-findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format.
record_state: Option<String>
The record state of a finding.
related_findings: Option<Vec<RelatedFinding>>
A list of related findings.
remediation: Option<Remediation>
A data type that describes the remediation options for a finding.
resources: Vec<Resource>
A set of resource data types that describe the resources that the finding refers to.
schema_version: String
The schema version that a finding is formatted for.
severity: Severity
A finding's severity.
source_url: Option<String>
A URL that links to a page about the current finding in the security-findings provider's solution.
threat_intel_indicators: Option<Vec<ThreatIntelIndicator>>
Threat intelligence details related to a finding.
title: String
A finding's title.
In this release, Title is a required property.
types: Vec<String>
One or more finding types in the format of namespace/category/classifier that classify a finding.
Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications
updated_at: String
An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record.
user_defined_fields: Option<HashMap<String, String>>
A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.
verification_state: Option<String>
Indicates the veracity of a finding.
vulnerabilities: Option<Vec<Vulnerability>>
Provides a list of vulnerabilities associated with the findings.
workflow: Option<Workflow>
Provides information about the status of the investigation into a finding.
workflow_state: Option<String>
The workflow state of a finding.
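The struct types confidence and criticality as plain i64 and types as free-form strings, so the documented 0-100 scales and the namespace/category/classifier format are not enforced by the type system. The following is an added example, not code from rusoto: FindingFields is a hypothetical stand-in mirroring three of the fields above so the check compiles without the crate, and treating the three-part types format as strict is an assumption of this example.

```rust
// Added example: pre-submission checks for constraints stated in the field docs.
// `FindingFields` is a hypothetical stand-in for AwsSecurityFinding (assumption),
// limited to the three fields checked here.

const VALID_NAMESPACES: [&str; 5] = [
    "Software and Configuration Checks", "TTPs", "Effects",
    "Unusual Behaviors", "Sensitive Data Identifications",
];

#[derive(Default)]
struct FindingFields {
    confidence: Option<i64>,
    criticality: Option<i64>,
    types: Vec<String>,
}

/// Record a problem if an optional score is off the documented 0-100 scale.
fn check_score(name: &str, value: Option<i64>, problems: &mut Vec<String>) {
    if let Some(v) = value {
        if !(0..=100).contains(&v) {
            problems.push(format!("{} = {} is outside 0-100", name, v));
        }
    }
}

/// Return one message per violated constraint; an empty Vec means the fields pass.
fn validate(f: &FindingFields) -> Vec<String> {
    let mut problems = Vec::new();
    check_score("confidence", f.confidence, &mut problems);
    check_score("criticality", f.criticality, &mut problems);
    if f.types.is_empty() {
        problems.push("types must contain one or more entries".to_string());
    }
    for t in &f.types {
        let parts: Vec<&str> = t.split('/').collect();
        if parts.len() != 3 || parts.iter().any(|p| p.trim().is_empty()) {
            problems.push(format!("type '{}' is not namespace/category/classifier", t));
        } else if !VALID_NAMESPACES.contains(&parts[0]) {
            problems.push(format!("type '{}' has unknown namespace '{}'", t, parts[0]));
        }
    }
    problems
}

fn main() {
    // Constructed sample values, not a real finding.
    let f = FindingFields { confidence: Some(120), criticality: Some(80), types: vec!["TTPs/Discovery".to_string()] };
    for p in validate(&f) { println!("{}", p); }
}
```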
Trait Implementations
impl Clone for AwsSecurityFinding
pub fn clone(&self) -> AwsSecurityFinding
pub fn clone_from(&mut self, source: &Self)
impl Debug for AwsSecurityFinding
impl Default for AwsSecurityFinding
pub fn default() -> AwsSecurityFinding
impl<'de> Deserialize<'de> for AwsSecurityFinding
pub fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error> where
__D: Deserializer<'de>,
impl PartialEq<AwsSecurityFinding> for AwsSecurityFinding
pub fn eq(&self, other: &AwsSecurityFinding) -> bool
pub fn ne(&self, other: &AwsSecurityFinding) -> bool
impl Serialize for AwsSecurityFinding
pub fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error> where
__S: Serializer,
impl StructuralPartialEq for AwsSecurityFinding
Auto Trait Implementations
impl RefUnwindSafe for AwsSecurityFinding
impl Send for AwsSecurityFinding
impl Sync for AwsSecurityFinding
impl Unpin for AwsSecurityFinding
impl UnwindSafe for AwsSecurityFinding
Blanket Implementations
impl<T> Any for T where
T: 'static + ?Sized,
impl<T> Borrow<T> for T where
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
pub fn borrow_mut(&mut self) -> &mut T
impl<T> DeserializeOwned for T where
T: for<'de> Deserialize<'de>,
impl<T> From<T> for T
impl<T> Instrument for T
pub fn instrument(self, span: Span) -> Instrumented<Self>
pub fn in_current_span(self) -> Instrumented<Self>
impl<T, U> Into<U> for T where
U: From<T>,
impl<T> Same<T> for T
type Output = T
Should always be Self
impl<T> ToOwned for T where
T: Clone,
type Owned = T
The resulting type after obtaining ownership.
pub fn to_owned(&self) -> T
pub fn clone_into(&self, target: &mut T)
impl<T, U> TryFrom<U> for T where
U: Into<T>,
type Error = Infallible
The type returned in the event of a conversion error.
pub fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>
impl<T, U> TryInto<U> for T where
U: TryFrom<T>,