Reviewing details for an exposure finding in the Security Hub console Reviewing details for an exposure finding with the API

Reviewing details for exposure findings

This topic describes how to review details about exposure findings in the AWS Security Hub console and with the API.

Reviewing details for an exposure finding in the Security Hub console

To view details for an exposure finding in the Security Hub console

Sign in using your credentials, and open the Security Hub console at https://console.aws.amazon.com/securityhub/v2/home.
From the navigation pane, choose Exposures.
Choose an exposure finding that you want to view details.

Reviewing details for an exposure finding with the API

You can review exposure findings with the GetFindingsV2 API or with the AWS CLI. You can filter all exposure findings with the metadata.product.feature.uid field with the security-hub/Exposure value. For more information, see GetFindingsV2.

Example command

The following is an AWS CLI example that retrieves the 10 most recently generated exposure findings in your account. This example is formatted for Linux, macOS, or Unix, and it uses the backslash (\) line-continuation character to improve readability.


aws securityhub get-findings-v2 \
--max-results '10' \
--filter '{"CompositeFilters": [{"StringFilters": [{"FieldName":"metadata.product.feature.uid","Filter": {"Value":"security-hub/Exposure","Comparison":"EQUALS"}} ]}]}'

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Reviewing exposure findings

Potential attack path graph