class Aws::SecurityHub::Types::ThreatIntelIndicator

Details about the threat intelligence related to a finding.

@note When making an API call, you may pass ThreatIntelIndicator

data as a hash:

    {
      type: "DOMAIN", # accepts DOMAIN, EMAIL_ADDRESS, HASH_MD5, HASH_SHA1, HASH_SHA256, HASH_SHA512, IPV4_ADDRESS, IPV6_ADDRESS, MUTEX, PROCESS, URL
      value: "NonEmptyString",
      category: "BACKDOOR", # accepts BACKDOOR, CARD_STEALER, COMMAND_AND_CONTROL, DROP_SITE, EXPLOIT_SITE, KEYLOGGER
      last_observed_at: "NonEmptyString",
      source: "NonEmptyString",
      source_url: "NonEmptyString",
    }

@!attribute [rw] type

The type of threat intelligence indicator.
@return [String]

@!attribute [rw] value

The value of a threat intelligence indicator.
@return [String]

@!attribute [rw] category

The category of a threat intelligence indicator.
@return [String]

@!attribute [rw] last_observed_at

Indicates when the most recent instance of a threat intelligence
indicator was observed.

Uses the `date-time` format specified in [RFC 3339 section 5.6,
Internet Date/Time Format][1]. The value cannot contain spaces. For
example, `2020-03-22T13:22:13.933Z`.

[1]: https://tools.ietf.org/html/rfc3339#section-5.6
@return [String]

@!attribute [rw] source

The source of the threat intelligence indicator.
@return [String]

@!attribute [rw] source_url

The URL to the page or site where you can get more information about
the threat intelligence indicator.
@return [String]

@see docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ThreatIntelIndicator AWS API Documentation

Constants

SENSITIVE