SastFinding

No description

type SastFinding implements BaseFields, FindingInterface, IssueInterface {
  aiAgentAnalysis: AiAgentAnalysis
  asset: Asset!
  assignedUsers: [PortalUserBasicInfoType!]
  author: PortalUser!
  category: String
  controlSyncStatus: ControlSyncStatus
  createdAt: ISO8601DateTime!
  description: String!
  detail: SastFindingDetail!
  fingerprint: String!
  history: [IssueHistory!]
  id: ID
  impactLevel: ImpactLevelCategory
  originalIssueIdFromTool: String
  patterns: [String!]
  permittedStatus: [IssueStatusLabel!]!
  probabilityLevel: ProbabilityLevelCategory
  project: Project
  reference: String
  riskAcceptedUntil: ISO8601DateTime
  scanSource: String
  severity: SeverityCategory
  solution: String
  status: IssueStatusLabel!
  statusHistory: [IssueStatusHistory!]!
  title: String!
  type: Issue!
  updatedAt: ISO8601DateTime!
}

Fields

`SastFinding.aiAgentAnalysis` ● `AiAgentAnalysis` object

AI agent analysis information for this issue

`SastFinding.asset` ● `Asset!` non-null object

The asset associated with the vulnerability

`SastFinding.assignedUsers` ● `[PortalUserBasicInfoType!]` list object

`SastFinding.author` ● `PortalUser!` non-null object

The author who created the vulnerability

`SastFinding.category` ● `String` scalar

CWE Categories

`SastFinding.controlSyncStatus` ● `ControlSyncStatus` object

The scan/sync that brought this vulnerability to Conviso Platform

`SastFinding.createdAt` ● `ISO8601DateTime!` non-null scalar

The date when record was created

`SastFinding.description` ● `String!` non-null scalar

A detailed description of the vulnerability

`SastFinding.detail` ● `SastFindingDetail!` non-null object

Detailed information about the SAST vulnerability

`SastFinding.fingerprint` ● `String!` non-null scalar

A unique identifier for the vulnerability

`SastFinding.history` ● `[IssueHistory!]` list object

`SastFinding.id` ● `ID` scalar

The ID scalar type represents a unique identifier

`SastFinding.impactLevel` ● `ImpactLevelCategory` enum

The impact level of the vulnerability

`SastFinding.originalIssueIdFromTool` ● `String` scalar

The original vulnerability ID from the tool that detected the vulnerability

`SastFinding.patterns` ● `[String!]` list scalar

OWASP Patterns

`SastFinding.permittedStatus` ● `[IssueStatusLabel!]!` non-null enum

List of statuses available for change

`SastFinding.probabilityLevel` ● `ProbabilityLevelCategory` enum

The probability level of the vulnerability being exploited

`SastFinding.project` ● `Project` object

Associated project

`SastFinding.reference` ● `String` scalar

Links for further information

`SastFinding.riskAcceptedUntil` ● `ISO8601DateTime` scalar

The datetime until which the risk is accepted

`SastFinding.scanSource` ● `String` scalar

Source of the vulnerability; Retrieves the name of the source (e.g.: Dependency Track)

`SastFinding.severity` ● `SeverityCategory` enum

The severity of the vulnerability

`SastFinding.solution` ● `String` scalar

The solution or mitigation for the vulnerability

`SastFinding.status` ● `IssueStatusLabel!` non-null enum

The current status of the vulnerability

`SastFinding.statusHistory` ● `[IssueStatusHistory!]!` non-null object

List of previous statuses

`SastFinding.title` ● `String!` non-null scalar

The title of the vulnerability

`SastFinding.type` ● `Issue!` non-null enum

The type of the vulnerability (e.g., SAST, SCA, Web, Network, etc.)

`SastFinding.updatedAt` ● `ISO8601DateTime!` non-null scalar

The date when record was updated

Interfaces

`BaseFields` interface

`FindingInterface` interface

`IssueInterface` interface

Member Of

CreateOrUpdateSastFindingPayload object ● CreateSastFindingPayload object

Contribute to the Docs

Found something outdated or missing? Help us improve the documentation with a quick suggestion or edit.

How to contribute

Resources

By exploring our content, you'll find resources that will enhance your understanding of the importance of a Security Application Program.

Conviso Blog: Explore our blog, which offers a collection of articles and posts covering a wide range of AppSec topics. The content on the blog is primarily in English.

Conviso's YouTube Channel: Access a wealth of informative videos covering various topics related to AppSec. Please note that the content is primarily in Portuguese.

Fields​

SastFinding.aiAgentAnalysis ● AiAgentAnalysis object​

SastFinding.asset ● Asset! non-null object​

SastFinding.assignedUsers ● [PortalUserBasicInfoType!] list object​

SastFinding.author ● PortalUser! non-null object​

SastFinding.category ● String scalar​

SastFinding.controlSyncStatus ● ControlSyncStatus object​

SastFinding.createdAt ● ISO8601DateTime! non-null scalar​

SastFinding.description ● String! non-null scalar​

SastFinding.detail ● SastFindingDetail! non-null object​

SastFinding.fingerprint ● String! non-null scalar​

SastFinding.history ● [IssueHistory!] list object​

SastFinding.id ● ID scalar​

SastFinding.impactLevel ● ImpactLevelCategory enum​

SastFinding.originalIssueIdFromTool ● String scalar​

SastFinding.patterns ● [String!] list scalar​

SastFinding.permittedStatus ● [IssueStatusLabel!]! non-null enum​

SastFinding.probabilityLevel ● ProbabilityLevelCategory enum​

SastFinding.project ● Project object​

SastFinding.reference ● String scalar​

SastFinding.riskAcceptedUntil ● ISO8601DateTime scalar​

SastFinding.scanSource ● String scalar​

SastFinding.severity ● SeverityCategory enum​

SastFinding.solution ● String scalar​

SastFinding.status ● IssueStatusLabel! non-null enum​

SastFinding.statusHistory ● [IssueStatusHistory!]! non-null object​

SastFinding.title ● String! non-null scalar​

SastFinding.type ● Issue! non-null enum​

SastFinding.updatedAt ● ISO8601DateTime! non-null scalar​

Interfaces​

BaseFields interface​

FindingInterface interface​

IssueInterface interface​

Member Of​