OBJECT

SecurityFinding

Describes a security finding

GraphQL Schema definition

```graphql
type SecurityFinding implements HyperLinked, Node {
  # The time this finding was created
  creationTime: DateTime!
  # Back-reference to the entity with which this finding is associated
  entity: Entity!
  # Unique identifier of the finding
  findingId: String!
  # List of frameworks to which the rule is mapped
  frameworks: SecurityFrameworksConnection!
  # Optional hyperlink(s) to visualize specific finding data in detail
  hyperlinks: [HyperLink!]
  # Node-compatible opaque global identifier
  id: ID!
  # The last time this finding was successfully updated
  lastUpdateTime: DateTime!
  # Management endpoint for this finding. For public cloud resources this will be
  # the cloud account ID.
  managementEndpoint: ManagementEndpoint
  # For cloud resources, this property refers to the specific cloud provider, e.g.
  # AWS, Azure etc.
  provider: String
  # For resolved findings, this field indicates the reason why the finding was
  # resolved
  reason: SecurityFindingReason
  # For cloud resources, this property contains the region of the resource.
  region: String
  # A computed metric to help users prioritize efforts to mitigate discovered
  # findings
  riskScore: Int!
  # Back-reference to the rule which triggered this finding.
  # Findings coming from 3rd-party systems, like cloud provider security services,
  # do not have a rule associated with them.
  rule: SecurityRule
  # For cloud resources, this property contains the service of the resource.
  service: String
  # The severity of this finding, e.g. Critical, High, Medium or Low
  severity: SecurityFindingSeverity!
  # Source of the finding, e.g. Native, GuardDuty, AccessAnalyzer etc.
  source: SecurityFindingSource!
  # Status of the finding, e.g. Open or Resolved
  status: SecurityFindingStatus!
  # Type of the finding, e.g. Violation, Threat, Anomaly
  type: SecurityFindingType!
}
```