/*
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
* A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed
* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
* express or implied. See the License for the specific language governing
* permissions and limitations under the License.
*/
/*
* Do not modify this file. This file is generated from the securityhub-2018-10-26.normal.json service model.
*/
using System;
using System.Collections.Generic;
using System.Xml.Serialization;
using System.Text;
using System.IO;
using System.Net;
using Amazon.Runtime;
using Amazon.Runtime.Internal;
namespace Amazon.SecurityHub.Model
{
///
/// Provides a consistent format for Security Hub findings. AwsSecurityFinding
/// format allows you to share findings between Amazon Web Services security services
/// and third-party solutions.
///
///
///
/// A finding is a potential security issue generated either by Amazon Web Services services
/// or by the integrated third-party solutions and standards checks.
///
///
///
public partial class AwsSecurityFinding
{
private Action _action;
private string _awsAccountId;
private string _companyName;
private Compliance _compliance;
private int? _confidence;
private string _createdAt;
private int? _criticality;
private string _description;
private FindingProviderFields _findingProviderFields;
private string _firstObservedAt;
private string _generatorId;
private string _id;
private string _lastObservedAt;
private List _malware = new List();
private Network _network;
private List _networkPath = new List();
private Note _note;
private PatchSummary _patchSummary;
private ProcessDetails _process;
private string _productArn;
private Dictionary _productFields = new Dictionary();
private string _productName;
private RecordState _recordState;
private string _region;
private List _relatedFindings = new List();
private Remediation _remediation;
private List _resources = new List();
private bool? _sample;
private string _schemaVersion;
private Severity _severity;
private string _sourceUrl;
private List _threatIntelIndicators = new List();
private List _threats = new List();
private string _title;
private List _types = new List();
private string _updatedAt;
private Dictionary _userDefinedFields = new Dictionary();
private VerificationState _verificationState;
private List _vulnerabilities = new List();
private Workflow _workflow;
private WorkflowState _workflowState;
///
/// Gets and sets the property Action.
///
/// Provides details about an action that affects or that was taken on a resource.
///
///
public Action Action
{
get { return this._action; }
set { this._action = value; }
}
// Check to see if Action property is set
internal bool IsSetAction()
{
return this._action != null;
}
///
/// Gets and sets the property AwsAccountId.
///
/// The Amazon Web Services account ID that a finding is generated in.
///
///
[AWSProperty(Required=true)]
public string AwsAccountId
{
get { return this._awsAccountId; }
set { this._awsAccountId = value; }
}
// Check to see if AwsAccountId property is set
internal bool IsSetAwsAccountId()
{
return this._awsAccountId != null;
}
///
/// Gets and sets the property CompanyName.
///
/// The name of the company for the product that generated the finding.
///
///
///
/// Security Hub populates this attribute automatically for each finding. You cannot update
/// this attribute with BatchImportFindings or BatchUpdateFindings.
/// The exception to this is a custom integration.
///
///
///
/// When you use the Security Hub console or API to filter findings by company name, you
/// use this attribute.
///
///
public string CompanyName
{
get { return this._companyName; }
set { this._companyName = value; }
}
// Check to see if CompanyName property is set
internal bool IsSetCompanyName()
{
return this._companyName != null;
}
///
/// Gets and sets the property Compliance.
///
/// This data type is exclusive to findings that are generated as the result of a check
/// run against a specific rule in a supported security standard, such as CIS Amazon Web
/// Services Foundations. Contains security standard-related finding details.
///
///
public Compliance Compliance
{
get { return this._compliance; }
set { this._compliance = value; }
}
// Check to see if Compliance property is set
internal bool IsSetCompliance()
{
return this._compliance != null;
}
///
/// Gets and sets the property Confidence.
///
/// A finding's confidence. Confidence is defined as the likelihood that a finding accurately
/// identifies the behavior or issue that it was intended to identify.
///
///
///
/// Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent
/// confidence and 100 means 100 percent confidence.
///
///
public int Confidence
{
get { return this._confidence.GetValueOrDefault(); }
set { this._confidence = value; }
}
// Check to see if Confidence property is set
internal bool IsSetConfidence()
{
return this._confidence.HasValue;
}
///
/// Gets and sets the property CreatedAt.
///
/// Indicates when the security findings provider created the potential security issue
/// that a finding captured.
///
///
///
/// Uses the date-time format specified in RFC
/// 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces,
/// and date and time should be separated by T. For example, 2020-03-22T13:22:13.933Z.
///
///
[AWSProperty(Required=true)]
public string CreatedAt
{
get { return this._createdAt; }
set { this._createdAt = value; }
}
// Check to see if CreatedAt property is set
internal bool IsSetCreatedAt()
{
return this._createdAt != null;
}
///
/// Gets and sets the property Criticality.
///
/// The level of importance assigned to the resources associated with the finding.
///
///
///
/// A score of 0 means that the underlying resources have no criticality, and a score
/// of 100 is reserved for the most critical resources.
///
///
public int Criticality
{
get { return this._criticality.GetValueOrDefault(); }
set { this._criticality = value; }
}
// Check to see if Criticality property is set
internal bool IsSetCriticality()
{
return this._criticality.HasValue;
}
///
/// Gets and sets the property Description.
///
/// A finding's description.
///
///
///
/// In this release, Description is a required property.
///
///
///
[AWSProperty(Required=true)]
public string Description
{
get { return this._description; }
set { this._description = value; }
}
// Check to see if Description property is set
internal bool IsSetDescription()
{
return this._description != null;
}
///
/// Gets and sets the property FindingProviderFields.
///
/// In a BatchImportFindings request, finding providers use FindingProviderFields
/// to provide and update their own values for confidence, criticality, related findings,
/// severity, and types.
///
///
public FindingProviderFields FindingProviderFields
{
get { return this._findingProviderFields; }
set { this._findingProviderFields = value; }
}
// Check to see if FindingProviderFields property is set
internal bool IsSetFindingProviderFields()
{
return this._findingProviderFields != null;
}
///
/// Gets and sets the property FirstObservedAt.
///
/// Indicates when the security findings provider first observed the potential security
/// issue that a finding captured.
///
///
///
/// Uses the date-time format specified in RFC
/// 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces,
/// and date and time should be separated by T. For example, 2020-03-22T13:22:13.933Z.
///
///
public string FirstObservedAt
{
get { return this._firstObservedAt; }
set { this._firstObservedAt = value; }
}
// Check to see if FirstObservedAt property is set
internal bool IsSetFirstObservedAt()
{
return this._firstObservedAt != null;
}
///
/// Gets and sets the property GeneratorId.
///
/// The identifier for the solution-specific component (a discrete unit of logic) that
/// generated a finding. In various security findings providers' solutions, this generator
/// can be called a rule, a check, a detector, a plugin, etc.
///
///
[AWSProperty(Required=true)]
public string GeneratorId
{
get { return this._generatorId; }
set { this._generatorId = value; }
}
// Check to see if GeneratorId property is set
internal bool IsSetGeneratorId()
{
return this._generatorId != null;
}
///
/// Gets and sets the property Id.
///
/// The security findings provider-specific identifier for a finding.
///
///
[AWSProperty(Required=true)]
public string Id
{
get { return this._id; }
set { this._id = value; }
}
// Check to see if Id property is set
internal bool IsSetId()
{
return this._id != null;
}
///
/// Gets and sets the property LastObservedAt.
///
/// Indicates when the security findings provider most recently observed the potential
/// security issue that a finding captured.
///
///
///
/// Uses the date-time format specified in RFC
/// 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces,
/// and date and time should be separated by T. For example, 2020-03-22T13:22:13.933Z.
///
///
public string LastObservedAt
{
get { return this._lastObservedAt; }
set { this._lastObservedAt = value; }
}
// Check to see if LastObservedAt property is set
internal bool IsSetLastObservedAt()
{
return this._lastObservedAt != null;
}
///
/// Gets and sets the property Malware.
///
/// A list of malware related to a finding.
///
///
public List Malware
{
get { return this._malware; }
set { this._malware = value; }
}
// Check to see if Malware property is set
internal bool IsSetMalware()
{
return this._malware != null && this._malware.Count > 0;
}
///
/// Gets and sets the property Network.
///
/// The details of network-related information about a finding.
///
///
public Network Network
{
get { return this._network; }
set { this._network = value; }
}
// Check to see if Network property is set
internal bool IsSetNetwork()
{
return this._network != null;
}
///
/// Gets and sets the property NetworkPath.
///
/// Provides information about a network path that is relevant to a finding. Each entry
/// under NetworkPath represents a component of that path.
///
///
public List NetworkPath
{
get { return this._networkPath; }
set { this._networkPath = value; }
}
// Check to see if NetworkPath property is set
internal bool IsSetNetworkPath()
{
return this._networkPath != null && this._networkPath.Count > 0;
}
///
/// Gets and sets the property Note.
///
/// A user-defined note added to a finding.
///
///
public Note Note
{
get { return this._note; }
set { this._note = value; }
}
// Check to see if Note property is set
internal bool IsSetNote()
{
return this._note != null;
}
///
/// Gets and sets the property PatchSummary.
///
/// Provides an overview of the patch compliance status for an instance against a selected
/// compliance standard.
///
///
public PatchSummary PatchSummary
{
get { return this._patchSummary; }
set { this._patchSummary = value; }
}
// Check to see if PatchSummary property is set
internal bool IsSetPatchSummary()
{
return this._patchSummary != null;
}
///
/// Gets and sets the property Process.
///
/// The details of process-related information about a finding.
///
///
public ProcessDetails Process
{
get { return this._process; }
set { this._process = value; }
}
// Check to see if Process property is set
internal bool IsSetProcess()
{
return this._process != null;
}
///
/// Gets and sets the property ProductArn.
///
/// The ARN generated by Security Hub that uniquely identifies a product that generates
/// findings. This can be the ARN for a third-party product that is integrated with Security
/// Hub, or the ARN for a custom integration.
///
///
[AWSProperty(Required=true)]
public string ProductArn
{
get { return this._productArn; }
set { this._productArn = value; }
}
// Check to see if ProductArn property is set
internal bool IsSetProductArn()
{
return this._productArn != null;
}
///
/// Gets and sets the property ProductFields.
///
/// A data type where security findings providers can include additional solution-specific
/// details that aren't part of the defined AwsSecurityFinding format.
///
///
///
/// Can contain up to 50 key-value pairs. For each key-value pair, the key can contain
/// up to 128 characters, and the value can contain up to 2048 characters.
///
///
public Dictionary ProductFields
{
get { return this._productFields; }
set { this._productFields = value; }
}
// Check to see if ProductFields property is set
internal bool IsSetProductFields()
{
return this._productFields != null && this._productFields.Count > 0;
}
///
/// Gets and sets the property ProductName.
///
/// The name of the product that generated the finding.
///
///
///
/// Security Hub populates this attribute automatically for each finding. You cannot update
/// this attribute with BatchImportFindings or BatchUpdateFindings.
/// The exception to this is a custom integration.
///
///
///
/// When you use the Security Hub console or API to filter findings by product name, you
/// use this attribute.
///
///
public string ProductName
{
get { return this._productName; }
set { this._productName = value; }
}
// Check to see if ProductName property is set
internal bool IsSetProductName()
{
return this._productName != null;
}
///
/// Gets and sets the property RecordState.
///
/// The record state of a finding.
///
///
public RecordState RecordState
{
get { return this._recordState; }
set { this._recordState = value; }
}
// Check to see if RecordState property is set
internal bool IsSetRecordState()
{
return this._recordState != null;
}
///
/// Gets and sets the property Region.
///
/// The Region from which the finding was generated.
///
///
///
/// Security Hub populates this attribute automatically for each finding. You cannot update
/// it using BatchImportFindings or BatchUpdateFindings.
///
///
public string Region
{
get { return this._region; }
set { this._region = value; }
}
// Check to see if Region property is set
internal bool IsSetRegion()
{
return this._region != null;
}
///
/// Gets and sets the property RelatedFindings.
///
/// A list of related findings.
///
///
public List RelatedFindings
{
get { return this._relatedFindings; }
set { this._relatedFindings = value; }
}
// Check to see if RelatedFindings property is set
internal bool IsSetRelatedFindings()
{
return this._relatedFindings != null && this._relatedFindings.Count > 0;
}
///
/// Gets and sets the property Remediation.
///
/// A data type that describes the remediation options for a finding.
///
///
public Remediation Remediation
{
get { return this._remediation; }
set { this._remediation = value; }
}
// Check to see if Remediation property is set
internal bool IsSetRemediation()
{
return this._remediation != null;
}
///
/// Gets and sets the property Resources.
///
/// A set of resource data types that describe the resources that the finding refers to.
///
///
[AWSProperty(Required=true)]
public List Resources
{
get { return this._resources; }
set { this._resources = value; }
}
// Check to see if Resources property is set
internal bool IsSetResources()
{
return this._resources != null && this._resources.Count > 0;
}
///
/// Gets and sets the property Sample.
///
/// Indicates whether the finding is a sample finding.
///
///
public bool Sample
{
get { return this._sample.GetValueOrDefault(); }
set { this._sample = value; }
}
// Check to see if Sample property is set
internal bool IsSetSample()
{
return this._sample.HasValue;
}
///
/// Gets and sets the property SchemaVersion.
///
/// The schema version that a finding is formatted for.
///
///
[AWSProperty(Required=true)]
public string SchemaVersion
{
get { return this._schemaVersion; }
set { this._schemaVersion = value; }
}
// Check to see if SchemaVersion property is set
internal bool IsSetSchemaVersion()
{
return this._schemaVersion != null;
}
///
/// Gets and sets the property Severity.
///
/// A finding's severity.
///
///
public Severity Severity
{
get { return this._severity; }
set { this._severity = value; }
}
// Check to see if Severity property is set
internal bool IsSetSeverity()
{
return this._severity != null;
}
///
/// Gets and sets the property SourceUrl.
///
/// A URL that links to a page about the current finding in the security findings provider's
/// solution.
///
///
public string SourceUrl
{
get { return this._sourceUrl; }
set { this._sourceUrl = value; }
}
// Check to see if SourceUrl property is set
internal bool IsSetSourceUrl()
{
return this._sourceUrl != null;
}
///
/// Gets and sets the property ThreatIntelIndicators.
///
/// Threat intelligence details related to a finding.
///
///
public List ThreatIntelIndicators
{
get { return this._threatIntelIndicators; }
set { this._threatIntelIndicators = value; }
}
// Check to see if ThreatIntelIndicators property is set
internal bool IsSetThreatIntelIndicators()
{
return this._threatIntelIndicators != null && this._threatIntelIndicators.Count > 0;
}
///
/// Gets and sets the property Threats.
///
/// Details about the threat detected in a security finding and the file paths that were
/// affected by the threat.
///
///
public List Threats
{
get { return this._threats; }
set { this._threats = value; }
}
// Check to see if Threats property is set
internal bool IsSetThreats()
{
return this._threats != null && this._threats.Count > 0;
}
///
/// Gets and sets the property Title.
///
/// A finding's title.
///
///
///
/// In this release, Title is a required property.
///
///
///
[AWSProperty(Required=true)]
public string Title
{
get { return this._title; }
set { this._title = value; }
}
// Check to see if Title property is set
internal bool IsSetTitle()
{
return this._title != null;
}
///
/// Gets and sets the property Types.
///
/// One or more finding types in the format of namespace/category/classifier
/// that classify a finding.
///
///
///
/// Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual
/// Behaviors | Sensitive Data Identifications
///
///
public List Types
{
get { return this._types; }
set { this._types = value; }
}
// Check to see if Types property is set
internal bool IsSetTypes()
{
return this._types != null && this._types.Count > 0;
}
///
/// Gets and sets the property UpdatedAt.
///
/// Indicates when the security findings provider last updated the finding record.
///
///
///
/// Uses the date-time format specified in RFC
/// 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces,
/// and date and time should be separated by T. For example, 2020-03-22T13:22:13.933Z.
///
///
[AWSProperty(Required=true)]
public string UpdatedAt
{
get { return this._updatedAt; }
set { this._updatedAt = value; }
}
// Check to see if UpdatedAt property is set
internal bool IsSetUpdatedAt()
{
return this._updatedAt != null;
}
///
/// Gets and sets the property UserDefinedFields.
///
/// A list of name/value string pairs associated with the finding. These are custom, user-defined
/// fields added to a finding.
///
///
public Dictionary UserDefinedFields
{
get { return this._userDefinedFields; }
set { this._userDefinedFields = value; }
}
// Check to see if UserDefinedFields property is set
internal bool IsSetUserDefinedFields()
{
return this._userDefinedFields != null && this._userDefinedFields.Count > 0;
}
///
/// Gets and sets the property VerificationState.
///
/// Indicates the veracity of a finding.
///
///
public VerificationState VerificationState
{
get { return this._verificationState; }
set { this._verificationState = value; }
}
// Check to see if VerificationState property is set
internal bool IsSetVerificationState()
{
return this._verificationState != null;
}
///
/// Gets and sets the property Vulnerabilities.
///
/// Provides a list of vulnerabilities associated with the findings.
///
///
public List Vulnerabilities
{
get { return this._vulnerabilities; }
set { this._vulnerabilities = value; }
}
// Check to see if Vulnerabilities property is set
internal bool IsSetVulnerabilities()
{
return this._vulnerabilities != null && this._vulnerabilities.Count > 0;
}
///
/// Gets and sets the property Workflow.
///
/// Provides information about the status of the investigation into a finding.
///
///
public Workflow Workflow
{
get { return this._workflow; }
set { this._workflow = value; }
}
// Check to see if Workflow property is set
internal bool IsSetWorkflow()
{
return this._workflow != null;
}
///
/// Gets and sets the property WorkflowState.
///
/// The workflow state of a finding.
///
///
public WorkflowState WorkflowState
{
get { return this._workflowState; }
set { this._workflowState = value; }
}
// Check to see if WorkflowState property is set
internal bool IsSetWorkflowState()
{
return this._workflowState != null;
}
}
}