ScaFinding
No description
type ScaFinding implements BaseFields, FindingInterface, IssueInterface {
aiAgentAnalysis: AiAgentAnalysis
asset: Asset!
assignedUsers: [PortalUserBasicInfoType!]
author: PortalUser!
category: String
controlSyncStatus: ControlSyncStatus
createdAt: ISO8601DateTime!
description: String!
detail: ScaFindingDetail!
fingerprint: String!
history: [IssueHistory!]
id: ID
impactLevel: ImpactLevelCategory
legacyId: ID
originalIssueIdFromTool: String
patterns: [String!]
permittedStatus: [IssueStatusLabel!]!
probabilityLevel: ProbabilityLevelCategory
project: Project
reference: String
riskAcceptedUntil: ISO8601DateTime
scanSource: String
severity: SeverityCategory
solution: String
status: IssueStatusLabel!
statusHistory: [IssueStatusHistory!]!
title: String!
type: Issue!
updatedAt: ISO8601DateTime!
}
Fields
ScaFinding.aiAgentAnalysis ● AiAgentAnalysis object
AI agent analysis information for this issue
ScaFinding.asset ● Asset! non-null object
The asset associated with the vulnerability
ScaFinding.assignedUsers ● [PortalUserBasicInfoType!] list object
ScaFinding.author ● PortalUser! non-null object
The author who created the vulnerability
ScaFinding.category ● String scalar
CWE Categories
ScaFinding.controlSyncStatus ● ControlSyncStatus object
The scan/sync that brought this vulnerability to Conviso Platform
ScaFinding.createdAt ● ISO8601DateTime! non-null scalar
The date when record was created
ScaFinding.description ● String! non-null scalar
A detailed description of the vulnerability
ScaFinding.detail ● ScaFindingDetail! non-null object
Detailed information about the SCA vulnerability
ScaFinding.fingerprint ● String! non-null scalar
A unique identifier for the vulnerability
ScaFinding.history ● [IssueHistory!] list object
ScaFinding.id ● ID scalar
The ID scalar type represents a unique identifier
ScaFinding.impactLevel ● ImpactLevelCategory enum
The impact level of the vulnerability
ScaFinding.legacyId ● ID scalar
ID associated with the old vulnerability management
ScaFinding.originalIssueIdFromTool ● String scalar
The original vulnerability ID from the tool that detected the vulnerability
ScaFinding.patterns ● [String!] list scalar
OWASP Patterns
ScaFinding.permittedStatus ● [IssueStatusLabel!]! non-null enum
List of statuses available for change
ScaFinding.probabilityLevel ● ProbabilityLevelCategory enum
The probability level of the vulnerability being exploited
ScaFinding.project ● Project object
Associated project
ScaFinding.reference ● String scalar
Links for further information
ScaFinding.riskAcceptedUntil ● ISO8601DateTime scalar
The datetime until which the risk is accepted
ScaFinding.scanSource ● String scalar
Source of the vulnerability; Retrieves the name of the source (e.g.: Dependency Track)
ScaFinding.severity ● SeverityCategory enum
The severity of the vulnerability
ScaFinding.solution ● String scalar
The solution or mitigation for the vulnerability
ScaFinding.status ● IssueStatusLabel! non-null enum
The current status of the vulnerability
ScaFinding.statusHistory ● [IssueStatusHistory!]! non-null object
List of previous statuses
ScaFinding.title ● String! non-null scalar
The title of the vulnerability
ScaFinding.type ● Issue! non-null enum
The type of the vulnerability (e.g., SAST, SCA, Web, Network, etc.)
ScaFinding.updatedAt ● ISO8601DateTime! non-null scalar
The date when record was updated
Interfaces
BaseFields interface
FindingInterface interface
IssueInterface interface
Member Of
CreateScaFindingPayload object
Resources
By exploring our content, you'll find resources that will enhance your understanding of the importance of a Security Application Program.
Conviso Blog: Explore our blog, which offers a collection of articles and posts covering a wide range of AppSec topics. The content on the blog is primarily in English.
Conviso's YouTube Channel: Access a wealth of informative videos covering various topics related to AppSec. Please note that the content is primarily in Portuguese.