batch_get_finding_details

Inspector2.Client.batch_get_finding_details(**kwargs)

Gets vulnerability details for findings.

See also: AWS API Documentation

Request Syntax

response = client.batch_get_finding_details(
    findingArns=[
        'string',
    ]
)

Parameters:

findingArns (list) –

[REQUIRED]

A list of finding ARNs.

  • (string) –

Return type:

dict

Returns:

Response Syntax

{
    'errors': [
        {
            'errorCode': 'INTERNAL_ERROR'|'ACCESS_DENIED'|'FINDING_DETAILS_NOT_FOUND'|'INVALID_INPUT',
            'errorMessage': 'string',
            'findingArn': 'string'
        },
    ],
    'findingDetails': [
        {
            'cisaData': {
                'action': 'string',
                'dateAdded': datetime(2015, 1, 1),
                'dateDue': datetime(2015, 1, 1)
            },
            'cwes': [
                'string',
            ],
            'epssScore': 123.0,
            'evidences': [
                {
                    'evidenceDetail': 'string',
                    'evidenceRule': 'string',
                    'severity': 'string'
                },
            ],
            'exploitObserved': {
                'firstSeen': datetime(2015, 1, 1),
                'lastSeen': datetime(2015, 1, 1)
            },
            'findingArn': 'string',
            'referenceUrls': [
                'string',
            ],
            'riskScore': 123,
            'tools': [
                'string',
            ],
            'ttps': [
                'string',
            ]
        },
    ]
}

Response Structure

  • (dict) –

    • errors (list) –

      Error information for findings whose details could not be returned.

      • (dict) –

        Details about an error encountered when trying to return vulnerability data for a finding.

        • errorCode (string) –

          The error code.

        • errorMessage (string) –

          The error message.

        • findingArn (string) –

          The finding ARN that returned an error.

    • findingDetails (list) –

      A finding’s vulnerability details.

      • (dict) –

        Details of the vulnerability identified in a finding.

        • cisaData (dict) –

          The Cybersecurity and Infrastructure Security Agency (CISA) details for a specific vulnerability.

          • action (string) –

            The remediation action recommended by CISA for this vulnerability.

          • dateAdded (datetime) –

            The date and time CISA added this vulnerability to their catalogue.

          • dateDue (datetime) –

            The date and time by which CISA expects a fix to have been provided for the vulnerability.

        • cwes (list) –

          The Common Weakness Enumerations (CWEs) associated with the vulnerability.

          • (string) –

        • epssScore (float) –

          The Exploit Prediction Scoring System (EPSS) score of the vulnerability.

        • evidences (list) –

          Information on the evidence of the vulnerability.

          • (dict) –

            Details of the evidence for a vulnerability identified in a finding.

            • evidenceDetail (string) –

              The evidence details.

            • evidenceRule (string) –

              The evidence rule.

            • severity (string) –

              The evidence severity.

        • exploitObserved (dict) –

          Contains information on when this exploit was observed.

          • firstSeen (datetime) –

            The date and time when the exploit was first seen.

          • lastSeen (datetime) –

            The date and time when the exploit was last seen.

        • findingArn (string) –

          The finding ARN that the vulnerability details are associated with.

        • referenceUrls (list) –

          The reference URLs for the vulnerability data.

          • (string) –

        • riskScore (integer) –

          The risk score of the vulnerability.

        • tools (list) –

          The known malware tools or kits that can exploit the vulnerability.

          • (string) –

        • ttps (list) –

          The MITRE adversary tactics, techniques, or procedures (TTPs) associated with the vulnerability.

          • (string) –
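
Added example (not part of the boto3 documentation): one way to consume this response so that per-ARN entries in errors are not silently lost, with the returned findingDetails ranked by cisaData, exploitObserved and epssScore. StubClient, the sample ARNs, the BATCH_SIZE of 10 and the MISSING_FROM_RESPONSE marker are assumptions made for the illustration; in real use pass boto3.client('inspector2') as client.

```python
from datetime import datetime, timezone

BATCH_SIZE = 10  # assumption: the batch limit is not stated on this page


def _priority(d):
    # Rank CISA-listed first, then observed exploitation, then EPSS score.
    return bool(d.get("cisaData")), bool(d.get("exploitObserved")), d.get("epssScore", 0.0)


def triage_finding_details(client, finding_arns, batch_size=BATCH_SIZE):
    """Return (details ranked most urgent first, {findingArn: errorCode})."""
    details, errors = [], {}
    for i in range(0, len(finding_arns), batch_size):
        batch = finding_arns[i:i + batch_size]
        resp = client.batch_get_finding_details(findingArns=batch)
        details.extend(resp.get("findingDetails", []))
        # The call can succeed overall while individual ARNs fail.
        for err in resp.get("errors", []):
            errors[err["findingArn"]] = err["errorCode"]
    # Surface ARNs that came back in neither list instead of dropping them.
    returned = {d["findingArn"] for d in details}
    for arn in finding_arns:
        if arn not in returned:
            errors.setdefault(arn, "MISSING_FROM_RESPONSE")  # local marker
    return sorted(details, key=_priority, reverse=True), errors


class StubClient:
    """Constructed stand-in for the Inspector2 client, so this runs offline."""
    def __init__(self, known):
        self.known, self.calls = known, 0
    def batch_get_finding_details(self, findingArns):
        self.calls += 1
        return {"findingDetails": [self.known[a] for a in findingArns if a in self.known],
                "errors": [{"findingArn": a, "errorCode": "FINDING_DETAILS_NOT_FOUND"}
                           for a in findingArns if a not in self.known]}


def demo():
    arns = ["arn:aws:inspector2:us-east-1:111122223333:finding/" + c
            for c in "abcdefghijkl"]  # constructed sample ARNs
    seen = datetime(2024, 1, 1, tzinfo=timezone.utc)
    known = {arns[0]: {"findingArn": arns[0], "epssScore": 0.9},
             arns[1]: {"findingArn": arns[1], "epssScore": 0.1, "cisaData": {"dateDue": seen}},
             arns[2]: {"findingArn": arns[2], "epssScore": 0.2, "exploitObserved": {"lastSeen": seen}}}
    client = StubClient(known)
    ranked, errors = triage_finding_details(client, arns)
    return [d["findingArn"][-1] for d in ranked], errors, client.calls
```

In the constructed data the finding with the highest epssScore ranks last, because the other two carry cisaData or exploitObserved.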

Exceptions