# Remediate using the Web UI
<a name="remediate-with-ui"></a>

Alternatively, you can use the solution’s Web UI to remediate AWS Security Hub findings and view past remediations.

**Note**  
You must set the `ShouldDeployWebUI` parameter to "yes" when deploying the Admin stack in order to use the solution’s Web UI.

## Log in to the Web UI
<a name="webui-signin"></a>

After deploying the solution, you will receive an email with temporary credentials and a link to the solution’s Web UI from [no-reply@verificationemail.com](mailto:no-reply@verificationemail.com). This will be sent to the email address you provided when deploying the Admin stack.

Locate the email, copy the temporary credentials, and click the Web UI link. This link will take you directly to the sign-in page, where you will enter your temporary credentials and set a new password.

## Locate the Lambda.1 finding
<a name="webui-locate-finding"></a>

Once you log in, you will be presented with the **Findings page**. This page displays all Security Hub findings in your Security Hub administrator account that are supported for remediation, including findings for member accounts onboarded with AWS Security Hub.

On the **Findings page**, use the search bar to filter on **Resource ID** by entering the ARN of the Lambda function you created as part of this tutorial and performing a search using the "=" operator. This will display all AWS Security Hub findings supported by the solution for the Lambda function you created.

In order to find the `Lambda.1` finding generated in this tutorial, apply another filter on **Finding Type**. Click the **search bar**, select **Finding Type**, and select the **"=" operator**. If consolidated control findings is enabled in your environment, enter `security-control/Lambda.1`. Otherwise, choose a security standard that supports the Lambda.1 control and enter the Generator ID; for example `aws-foundational-security-best-practices/v/1.0.0/Lambda.1`.

After applying the **Resource ID** and **Finding Type** filters, you will see only the Lambda.1 finding generated by AWS Security Hub for your test resource listed in the table.

**Note**  
It may take some time for AWS Security Hub to generate the Lambda.1 finding for the resource you created. If you do not see the finding after applying both filters, wait 5-10 minutes and search for the finding again.

## Initiate the remediation
<a name="webui-remediate"></a>

Select the finding you located in the previous step, then click **Actions > Remediate**. This will begin a remediation for the finding you selected.

You can view the progress of this remediation on the **Execution History** page. After waiting a few minutes, refresh the **Execution History** page by clicking the **refresh** icon on the top right, and you should see that the **Status** has changed from `In progress` to `Success`.

## Confirm that the remediation resolved the finding
<a name="webui-confirm-remediation"></a>

When the finding is marked as `Resolved` by AWS Security Hub, it will automatically be removed from the **Findings** page in the Web UI.

To verify that the remediation resolved the finding, navigate to the Lambda console in the member account and confirm that the public access has been revoked.

**Note**  
Some findings may still appear on the **Findings** page even with a **Remediation Status** of `Success`. This is because AWS Security Hub takes up to 24 hours to mark a finding as resolved after the resource has been updated. You can **suppress** findings you no longer want to see on the **Findings** page by selecting the finding and clicking **Actions > Suppress**.