AWS securityhub documentation change
Summary
Updated console URL, API filtering instructions, and CLI examples for exposure findings
Security assessment
Modified filtering methodology to use 'metadata.product.feature.uid' field with 'security-hub/Exposure' value. Improves security feature documentation but doesn't indicate a security fix. The URL change removes region specificity for general accessibility.
Diff
diff --git a/securityhub/latest/userguide/exposure-findings-review-details.md b/securityhub/latest/userguide/exposure-findings-review-details.md index a58aaceab..0a4768816 100644 --- a//securityhub/latest/userguide/exposure-findings-review-details.md +++ b//securityhub/latest/userguide/exposure-findings-review-details.md @@ -19 +19 @@ This topic describes how to review details about exposure findings in the Securi - 1. Sign in using your credentials, and open the Security Hub console at [https://console.aws.amazon.com/securityhub/v2/home?region=us-east-1]( https://console.aws.amazon.com/securityhub/v2/home?region=us-east-1). + 1. Sign in using your credentials, and open the Security Hub console at [https://console.aws.amazon.com/securityhub/v2/home]( https://console.aws.amazon.com/securityhub/v2/home). @@ -30 +30 @@ This topic describes how to review details about exposure findings in the Securi -You can review exposure findings with the [`GetFindingsV2`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetFindingsV2.html) API or with the AWS CLI. You can filter the results with the `FindingProviderFieldsTypes` parameter and by providing a filter value of `Exposure/EC2` if you only want to return exposure findings for EC2 instances. You can filter by other fields to narrow down results. +You can review exposure findings with the [`GetFindingsV2`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetFindingsV2.html) API or with the AWS CLI. You can filter all exposure findings with the `metadata.product.feature.uid` field with the `security-hub/Exposure` value. For more information, see [`GetFindingsV2`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetFindingsV2.html). @@ -34 +34 @@ You can review exposure findings with the [`GetFindingsV2`](https://docs.aws.ama -The following is a AWS CLI example that retrieves the 10 most recently generated exposure findings in your account. This example is formatted for Linux, macOS, or Unix, and it uses the backslash (\\) line-continuation character to improve readability. +The following is an AWS CLI example that retrieves the 10 most recently generated exposure findings in your account. This example is formatted for Linux, macOS, or Unix, and it uses the backslash (\\) line-continuation character to improve readability. @@ -39 +39 @@ The following is a AWS CLI example that retrieves the 10 most recently generated - --filter '{"CompositeFilters": [{"StringFilters": [{"FieldName":"finding_info.title","Filter": {"Value":"GuardDuty","Comparison":"PREFIX"}} ]}]}' + --filter '{"CompositeFilters": [{"StringFilters": [{"FieldName":"metadata.product.feature.uid","Filter": {"Value":"security-hub/Exposure","Comparison":"EQUALS"}} ]}]}' @@ -50 +50 @@ Reviewing exposure findings -Remediating exposure findings +Potential attack path graph