IacFinding
No description
type IacFinding implements BaseFields, FindingInterface, IssueInterface {
aiAgentAnalysis: AiAgentAnalysis
asset: Asset!
assignedUsers: [PortalUserBasicInfoType!]
author: PortalUser!
category: String
controlSyncStatus: ControlSyncStatus
createdAt: ISO8601DateTime!
description: String!
detail: IacFindingDetail!
fingerprint: String!
history: [IssueHistory!]
id: ID
impactLevel: ImpactLevelCategory
legacyId: ID
originalIssueIdFromTool: String
patterns: [String!]
permittedStatus: [IssueStatusLabel!]!
probabilityLevel: ProbabilityLevelCategory
project: Project
reference: String
riskAcceptedUntil: ISO8601DateTime
scanSource: String
severity: SeverityCategory
solution: String
status: IssueStatusLabel!
statusHistory: [IssueStatusHistory!]!
title: String!
type: Issue!
updatedAt: ISO8601DateTime!
}
Fields
IacFinding.aiAgentAnalysis ● AiAgentAnalysis object
AI agent analysis information for this issue
IacFinding.asset ● Asset! non-null object
The asset associated with the vulnerability
IacFinding.assignedUsers ● [PortalUserBasicInfoType!] list object
IacFinding.author ● PortalUser! non-null object
The author who created the vulnerability
IacFinding.category ● String scalar
CWE Categories
IacFinding.controlSyncStatus ● ControlSyncStatus object
The scan/sync that brought this vulnerability to Conviso Platform
IacFinding.createdAt ● ISO8601DateTime! non-null scalar
The date when record was created
IacFinding.description ● String! non-null scalar
A detailed description of the vulnerability
IacFinding.detail ● IacFindingDetail! non-null object
Detailed information about the IaC vulnerability
IacFinding.fingerprint ● String! non-null scalar
A unique identifier for the vulnerability
IacFinding.history ● [IssueHistory!] list object
IacFinding.id ● ID scalar
The ID scalar type represents a unique identifier
IacFinding.impactLevel ● ImpactLevelCategory enum
The impact level of the vulnerability
IacFinding.legacyId ● ID scalar
ID associated with the old vulnerability management
IacFinding.originalIssueIdFromTool ● String scalar
The original vulnerability ID from the tool that detected the vulnerability
IacFinding.patterns ● [String!] list scalar
OWASP Patterns
IacFinding.permittedStatus ● [IssueStatusLabel!]! non-null enum
List of statuses available for change
IacFinding.probabilityLevel ● ProbabilityLevelCategory enum
The probability level of the vulnerability being exploited
IacFinding.project ● Project object
Associated project
IacFinding.reference ● String scalar
Links for further information
IacFinding.riskAcceptedUntil ● ISO8601DateTime scalar
The datetime until which the risk is accepted
IacFinding.scanSource ● String scalar
Source of the vulnerability; Retrieves the name of the source (e.g.: Dependency Track)
IacFinding.severity ● SeverityCategory enum
The severity of the vulnerability
IacFinding.solution ● String scalar
The solution or mitigation for the vulnerability
IacFinding.status ● IssueStatusLabel! non-null enum
The current status of the vulnerability
IacFinding.statusHistory ● [IssueStatusHistory!]! non-null object
List of previous statuses
IacFinding.title ● String! non-null scalar
The title of the vulnerability
IacFinding.type ● Issue! non-null enum
The type of the vulnerability (e.g., SAST, SCA, Web, Network, etc.)
IacFinding.updatedAt ● ISO8601DateTime! non-null scalar
The date when record was updated
Interfaces
BaseFields interface
FindingInterface interface
IssueInterface interface
Member Of
Resources
By exploring our content, you'll find resources that will enhance your understanding of the importance of a Security Application Program.
Conviso Blog: Explore our blog, which offers a collection of articles and posts covering a wide range of AppSec topics. The content on the blog is primarily in English.
Conviso's YouTube Channel: Access a wealth of informative videos covering various topics related to AppSec. Please note that the content is primarily in Portuguese.