securityhub_batch_update_findings: Used by Security Hub customers to update information about...

View source: R/securityhub_operations.R

securityhub_batch_update_findings    R Documentation

Used by Security Hub customers to update information about their investigation into a finding

Description

Used by Security Hub customers to update information about their investigation into a finding. Requested by administrator accounts or member accounts. Administrator accounts can update findings for their account and their member accounts. Member accounts can update findings for their account.

See https://www.paws-r-sdk.com/docs/securityhub_batch_update_findings/ for full documentation.

Usage

securityhub_batch_update_findings(
  FindingIdentifiers,
  Note = NULL,
  Severity = NULL,
  VerificationState = NULL,
  Confidence = NULL,
  Criticality = NULL,
  Types = NULL,
  UserDefinedFields = NULL,
  Workflow = NULL,
  RelatedFindings = NULL
)

Arguments

FindingIdentifiers

[required] The list of findings to update. batch_update_findings can be used to update up to 100 findings at a time.

For each finding, the list provides the finding identifier and the ARN of the finding provider.

Note

Severity

Used to update the finding severity.

VerificationState

Indicates the veracity of a finding.

The available values for VerificationState are as follows.

  • UNKNOWN – The default disposition of a security finding

  • TRUE_POSITIVE – The security finding is confirmed

  • FALSE_POSITIVE – The security finding was determined to be a false alarm

  • BENIGN_POSITIVE – A special case of TRUE_POSITIVE where the finding doesn't pose any threat, is expected, or both

Confidence

The updated value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.

Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.

Criticality

The updated value for the level of importance assigned to the resources associated with the findings.

A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.

Types

One or more finding types in the format of namespace/category/classifier that classify a finding.

Valid namespace values are as follows.

  • Software and Configuration Checks

  • TTPs

  • Effects

  • Unusual Behaviors

  • Sensitive Data Identifications

UserDefinedFields

A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.

Workflow

Used to update the workflow status of a finding.

The workflow status indicates the progress of the investigation into the finding.

RelatedFindings

A list of findings that are related to the updated findings.
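
Example

The 100-finding limit and the value constraints above, applied in one helper. This is an added example, not code from the paws documentation. `update_findings_in_batches` and `stub` are hypothetical names, and the `Id`, `ProductArn`, `ProcessedFindings` and `UnprocessedFindings` fields come from the AWS BatchUpdateFindings API rather than from this page.

```r
# Added example; `update_findings_in_batches` and `stub` are hypothetical names.
VALID_STATES <- c("UNKNOWN", "TRUE_POSITIVE", "FALSE_POSITIVE", "BENIGN_POSITIVE")

update_findings_in_batches <- function(svc, identifiers, verification_state,
                                       confidence = NULL, criticality = NULL) {
  # Reject values outside the documented set and the documented 0-100 range
  # before any request is sent.
  stopifnot(length(verification_state) == 1, verification_state %in% VALID_STATES)
  for (score in list(confidence, criticality)) {
    if (!is.null(score)) stopifnot(is.numeric(score), score >= 0, score <= 100)
  }
  processed <- 0L
  unprocessed <- list()
  if (length(identifiers) == 0) {
    return(list(processed = processed, unprocessed = unprocessed))
  }
  # At most 100 findings per call, so split the identifiers into groups of 100.
  groups <- split(identifiers, ceiling(seq_along(identifiers) / 100))
  for (batch in groups) {
    resp <- svc$batch_update_findings(
      FindingIdentifiers = batch,
      VerificationState = verification_state,
      Confidence = confidence,
      Criticality = criticality
    )
    # ProcessedFindings / UnprocessedFindings are the response fields of the
    # AWS BatchUpdateFindings API (not described on this page).
    processed <- processed + length(resp$ProcessedFindings)
    unprocessed <- c(unprocessed, resp$UnprocessedFindings)
  }
  list(processed = processed, unprocessed = unprocessed)
}

# Constructed offline stand-in for a client created with paws::securityhub().
stub <- list(batch_update_findings = function(FindingIdentifiers, ...) {
  stopifnot(length(FindingIdentifiers) <= 100)
  list(ProcessedFindings = FindingIdentifiers, UnprocessedFindings = list())
})
# Constructed identifiers; Id and ProductArn are the AWS API field names.
ids <- lapply(1:250, function(i) list(
  Id = sprintf("example-finding-%03d", i),
  ProductArn = "arn:aws:securityhub:REGION:ACCOUNT_ID:product/EXAMPLE/example"
))
res <- update_findings_in_batches(stub, ids, "FALSE_POSITIVE", confidence = 90)
stopifnot(res$processed == 250L, length(res$unprocessed) == 0)
```

Against a real account, pass a client from `paws::securityhub()` in place of `stub` and review `res$unprocessed`, since a batch can succeed for some findings and fail for others.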


paws.security.identity documentation built on Sept. 12, 2023, 1:10 a.m.