SecretFinding
No description
type SecretFinding implements BaseFields, FindingInterface, IssueInterface {
aiAgentAnalysis: AiAgentAnalysis
asset: Asset!
assignedUsers: [PortalUserBasicInfoType!]
author: PortalUser!
category: String
controlSyncStatus: ControlSyncStatus
createdAt: ISO8601DateTime!
description: String!
detail: SecretFindingDetail!
fingerprint: String!
history: [IssueHistory!]
id: ID
impactLevel: ImpactLevelCategory
legacyId: ID
originalIssueIdFromTool: String
patterns: [String!]
permittedStatus: [IssueStatusLabel!]!
probabilityLevel: ProbabilityLevelCategory
project: Project
reference: String
riskAcceptedUntil: ISO8601DateTime
scanSource: String
severity: SeverityCategory
solution: String
status: IssueStatusLabel!
statusHistory: [IssueStatusHistory!]!
title: String!
type: Issue!
updatedAt: ISO8601DateTime!
}
Fields
SecretFinding.aiAgentAnalysis ● AiAgentAnalysis object
AI agent analysis information for this issue
SecretFinding.asset ● Asset! non-null object
The asset associated with the vulnerability
SecretFinding.assignedUsers ● [PortalUserBasicInfoType!] list object
SecretFinding.author ● PortalUser! non-null object
The author who created the vulnerability
SecretFinding.category ● String scalar
CWE Categories
SecretFinding.controlSyncStatus ● ControlSyncStatus object
The scan/sync that brought this vulnerability to Conviso Platform
SecretFinding.createdAt ● ISO8601DateTime! non-null scalar
The date when record was created
SecretFinding.description ● String! non-null scalar
A detailed description of the vulnerability
SecretFinding.detail ● SecretFindingDetail! non-null object
Detailed information about the Secrets vulnerability
SecretFinding.fingerprint ● String! non-null scalar
A unique identifier for the vulnerability
SecretFinding.history ● [IssueHistory!] list object
SecretFinding.id ● ID scalar
The ID scalar type represents a unique identifier
SecretFinding.impactLevel ● ImpactLevelCategory enum
The impact level of the vulnerability
SecretFinding.legacyId ● ID scalar
ID associated with the old vulnerability management
SecretFinding.originalIssueIdFromTool ● String scalar
The original vulnerability ID from the tool that detected the vulnerability
SecretFinding.patterns ● [String!] list scalar
OWASP Patterns
SecretFinding.permittedStatus ● [IssueStatusLabel!]! non-null enum
List of statuses available for change
SecretFinding.probabilityLevel ● ProbabilityLevelCategory enum
The probability level of the vulnerability being exploited
SecretFinding.project ● Project object
Associated project
SecretFinding.reference ● String scalar
Links for further information
SecretFinding.riskAcceptedUntil ● ISO8601DateTime scalar
The datetime until which the risk is accepted
SecretFinding.scanSource ● String scalar
Source of the vulnerability; Retrieves the name of the source (e.g.: Dependency Track)
SecretFinding.severity ● SeverityCategory enum
The severity of the vulnerability
SecretFinding.solution ● String scalar
The solution or mitigation for the vulnerability
SecretFinding.status ● IssueStatusLabel! non-null enum
The current status of the vulnerability
SecretFinding.statusHistory ● [IssueStatusHistory!]! non-null object
List of previous statuses
SecretFinding.title ● String! non-null scalar
The title of the vulnerability
SecretFinding.type ● Issue! non-null enum
The type of the vulnerability (e.g., SAST, SCA, Web, Network, etc.)
SecretFinding.updatedAt ● ISO8601DateTime! non-null scalar
The date when record was updated
Interfaces
BaseFields interface
FindingInterface interface
IssueInterface interface
Member Of
Resources
By exploring our content, you'll find resources that will enhance your understanding of the importance of a Security Application Program.
Conviso Blog: Explore our blog, which offers a collection of articles and posts covering a wide range of AppSec topics. The content on the blog is primarily in English.
Conviso's YouTube Channel: Access a wealth of informative videos covering various topics related to AppSec. Please note that the content is primarily in Portuguese.