def check_winrm_brute_force()

in security_hub_correlation_cdk/lambdas/create_sh_finding/create_sh_finding.py [0:0]


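def check_winrm_brute_force(sh_resource, ddbtable):
    """Look up a GuardDuty WinRM brute-force finding recorded for a resource.

    Queries the ``DYNAMODB_GSI_TYPE`` index of ``ddbtable`` for items whose
    ``ResourceId`` equals ``sh_resource`` and whose ``Types`` equals the
    WinRM brute-force finding type.

    Args:
        sh_resource: Resource identifier matched against ``ResourceId``.
        ddbtable: Object exposing ``query`` (presumably a boto3 DynamoDB
            ``Table`` -- confirm against the caller).

    Returns:
        The raw query response when it reports at least one matching item,
        otherwise ``None``. ``None`` is also returned when the query raises
        ``ClientError``, so callers cannot tell "no finding" from "lookup
        failed"; the failure is visible only in the error log.
    """
    finding_type = 'TTPs/Impact/Impact:EC2-WinRMBruteForce'
    try:
        query_result = ddbtable.query(
            IndexName=DYNAMODB_GSI_TYPE,
            KeyConditionExpression=(
                Key('ResourceId').eq(sh_resource) & Key('Types').eq(finding_type)
            ),
        )
    except ClientError as error_handle:
        # botocore's ClientError carries the parsed error in ``.response``.
        # The previous ``.dynamodb_match`` attribute does not exist, so the
        # handler itself raised AttributeError and hid the real error code.
        logger.error(error_handle.response['Error']['Code'])
        # NOTE(review): a failed query is reported as "no finding". For a
        # correlation rule this means a throttled or denied lookup silently
        # suppresses the match; alert on this log line or surface the error.
        return None

    # 'Count' covers the returned page only, which is enough for an
    # existence check.
    if query_result['Count'] >= 1:
        logger.info('Found GuardDuty Win RM Bruteforce for {}.'.format(sh_resource))
        return query_result
    return None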