Class FindingProviderFields

java.lang.Object
software.amazon.awssdk.services.securityhub.model.FindingProviderFields
All Implemented Interfaces:
Serializable, SdkPojo, ToCopyableBuilder<FindingProviderFields.Builder,FindingProviderFields>
@Generated("software.amazon.awssdk:codegen") public final class FindingProviderFields extends Object implements SdkPojo, Serializable, ToCopyableBuilder<FindingProviderFields.Builder,FindingProviderFields>

In a BatchImportFindings request, finding providers use FindingProviderFields to provide and update values for the following fields:

  • Confidence

  • Criticality

  • RelatedFindings

  • Severity

  • Types

The preceding fields are nested under the FindingProviderFields object, but also have analogues of the same name as top-level ASFF fields. When a new finding is sent to Security Hub by a finding provider, Security Hub populates the FindingProviderFields object automatically, if it is empty, based on the corresponding top-level fields.

Finding providers can update FindingProviderFields only by using the BatchImportFindings operation. Finding providers can't update this object with the BatchUpdateFindings operation. Customers can update the top-level fields by using the BatchUpdateFindings operation. Customers can't update FindingProviderFields.

For information about how Security Hub handles updates from BatchImportFindings to FindingProviderFields and to the corresponding top-level attributes, see Using FindingProviderFields in the Security Hub User Guide.

See Also:

  • Method Details

    • confidence

      public final Integer confidence()

      A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.

      Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.

      Returns:
      A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.

      Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.

    • criticality

      public final Integer criticality()

      The level of importance assigned to the resources associated with the finding.

      A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.

      Returns:
      The level of importance assigned to the resources associated with the finding.

      A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.

    • hasRelatedFindings

      public final boolean hasRelatedFindings()
      For responses, this returns true if the service returned a value for the RelatedFindings property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

    • relatedFindings

      public final List<RelatedFinding> relatedFindings()

      A list of findings that are related to the current finding.

      Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

      This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasRelatedFindings() method.

      Returns:
      A list of findings that are related to the current finding.

    • severity

      public final FindingProviderSeverity severity()

      The severity of a finding.

      Returns:
      The severity of a finding.

    • hasTypes

      public final boolean hasTypes()
      For responses, this returns true if the service returned a value for the Types property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

    • types

      public final List<String> types()

      One or more finding types in the format of namespace/category/classifier that classify a finding.

      Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications

      Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

      This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasTypes() method.

      Returns:
      One or more finding types in the format of namespace/category/classifier that classify a finding.

      Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications

    • toBuilder

      public FindingProviderFields.Builder toBuilder()
      Description copied from interface: ToCopyableBuilder
      Take this object and create a builder that contains all of the current property values of this object.
      Specified by:
      toBuilder in interface ToCopyableBuilder<FindingProviderFields.Builder,FindingProviderFields>
      Returns:
      a builder for type T

    • builder

      public static FindingProviderFields.Builder builder()

    • serializableBuilderClass

      public static Class<? extends FindingProviderFields.Builder> serializableBuilderClass()

    • hashCode

      public final int hashCode()
      Overrides:
      hashCode in class Object

    • equals

      public final boolean equals(Object obj)
      Overrides:
      equals in class Object

    • equalsBySdkFields

      public final boolean equalsBySdkFields(Object obj)
      Description copied from interface: SdkPojo
      Indicates whether some other object is "equal to" this one by SDK fields. An SDK field is a modeled, non-inherited field in an SdkPojo class, and is generated based on a service model.

      If an SdkPojo class does not have any inherited fields, equalsBySdkFields and equals are essentially the same.

      Specified by:
      equalsBySdkFields in interface SdkPojo
      Parameters:
      obj - the object to be compared with
      Returns:
      true if the other object equals to this object by sdk fields, false otherwise.

    • toString

      public final String toString()
      Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value.
      Overrides:
      toString in class Object

    • getValueForField

      public final <T> Optional<T> getValueForField(String fieldName, Class<T> clazz)

    • sdkFields

      public final List<SdkField<?>> sdkFields()
      Specified by:
      sdkFields in interface SdkPojo
      Returns:
      List of SdkField in this POJO. May be empty list but should never be null.