2023/07/31 - Inspector2 - 1 new api methods
Changes This release adds 1 new API: BatchGetFindingDetails to retrieve enhanced vulnerability intelligence details for findings.
Gets vulnerability details for findings.
See also: AWS API Documentation
Request Syntax
client.batch_get_finding_details(
findingArns=[
'string',
]
)
list
[REQUIRED]
A list of finding ARNs.
(string) --
dict
Response Syntax
{
'errors': [
{
'errorCode': 'INTERNAL_ERROR'|'ACCESS_DENIED'|'FINDING_DETAILS_NOT_FOUND'|'INVALID_INPUT',
'errorMessage': 'string',
'findingArn': 'string'
},
],
'findingDetails': [
{
'cisaData': {
'action': 'string',
'dateAdded': datetime(2015, 1, 1),
'dateDue': datetime(2015, 1, 1)
},
'cwes': [
'string',
],
'epssScore': 123.0,
'evidences': [
{
'evidenceDetail': 'string',
'evidenceRule': 'string',
'severity': 'string'
},
],
'exploitObserved': {
'firstSeen': datetime(2015, 1, 1),
'lastSeen': datetime(2015, 1, 1)
},
'findingArn': 'string',
'referenceUrls': [
'string',
],
'riskScore': 123,
'tools': [
'string',
],
'ttps': [
'string',
]
},
]
}
Response Structure
(dict) --
errors (list) --
Error information for findings that details could not be returned for.
(dict) --
Details about an error encountered when trying to return vulnerability data for a finding.
errorCode (string) --
The error code.
errorMessage (string) --
The error message.
findingArn (string) --
The finding ARN that returned an error.
findingDetails (list) --
A finding's vulnerability details.
(dict) --
Details of the vulnerability identified in a finding.
cisaData (dict) --
The Cybersecurity and Infrastructure Security Agency (CISA) details for a specific vulnerability.
action (string) --
The remediation action recommended by CISA for this vulnerability.
dateAdded (datetime) --
The date and time CISA added this vulnerability to their catalogue.
dateDue (datetime) --
The date and time CISA expects a fix to have been provided vulnerability.
cwes (list) --
The Common Weakness Enumerations (CWEs) associated with the vulnerability.
(string) --
epssScore (float) --
The Exploit Prediction Scoring System (EPSS) score of the vulnerability.
evidences (list) --
Information on the evidence of the vulnerability.
(dict) --
Details of the evidence for a vulnerability identified in a finding.
evidenceDetail (string) --
The evidence details.
evidenceRule (string) --
The evidence rule.
severity (string) --
The evidence severity.
exploitObserved (dict) --
Contains information on when this exploit was observed.
firstSeen (datetime) --
The date an time when the exploit was first seen.
lastSeen (datetime) --
The date an time when the exploit was last seen.
findingArn (string) --
The finding ARN that the vulnerability details are associated with.
referenceUrls (list) --
The reference URLs for the vulnerability data.
(string) --
riskScore (integer) --
The risk score of the vulnerability.
tools (list) --
The known malware tools or kits that can exploit the vulnerability.
(string) --
ttps (list) --
The MITRE adversary tactics, techniques, or procedures (TTPs) associated with the vulnerability.
(string) --