
NetSPI
Application Security- Overview
- Setup
- Data & mappings
- Operations & API
- Changelog
Data retrieved from NetSPI
| Connector Object | Required | Maps to Data Model |
|---|---|---|
| Project | Yes | Application |
| AD Forest | Yes | AD Forest |
| ADDomain | Yes | ADDomain |
| ADOrganizationalUnit | Yes | ADOrganizationalUnit |
| ADServicePrincipalName | Yes | ADServicePrincipalName |
| ADTrustedDomain | Yes | ADTrustedDomain |
| ApplicationInstance | Yes | ApplicationInstance |
| CloudResource | Yes | Cloud Resource |
| Company | Yes | Company |
| DNSDomain | Yes | Site |
| DNSRecord | Yes | DNSRecord |
| FileShare | Yes | FileShare |
| File | Yes | File |
| Finding | Yes | Pentest Finding |
| FindingDefinition | Yes | Pentest Finding Definition |
| GenericAsset | Yes | GenericAsset |
| Group | Yes | Group |
| Host | Yes | Host |
| IPAddress | Yes | Host |
| Identity | Yes | Person |
| Location | Yes | Location |
| NetworkDevice | Yes | NetworkDevice |
| OperatingSystem | Yes | OperatingSystem |
| Person | Yes | Person |
| PhysicalComponent | Yes | PhysicalComponent |
| Policy | Yes | Policy |
| SourceCode | Yes | Code Project |
| Subnet | Yes | Subnet |
For detailed steps on how to view the data retrieved from NetSPI in the Brinqa Platform, see How to view your data.
Connection settings
When setting up a data integration, select NetSPI from the Connector dropdown and provide the following:
| Setting | Required | Default | Description |
|---|---|---|---|
| Server URL | No | https://<server>/ (Required) | NetSPI Platform server URL |
| API token | No | (user input, Required) | NetSPI Platform API token |
| Page size | No | 100 | Maximum number of records to get per API request |
| Maximum retries | No | 5 | The maximum number of retry attempts before giving up a request |
| Parallel requests | No | min(4, CPU cores) | The maximum number of parallel API requests |
| Request timeout (secs) | No | 120 (Max allowed: 300 seconds) | The maximum seconds allotted before a request will time out. Maximum allowed value is 300 seconds. |
| Client ID | No | (user input, Optional) | NetSPI Platform Client ID |
How to obtain NetSPI credentials
Refer to your NetSPI administrator or the NetSPI documentation for how to obtain the credentials required in the connection settings above.
Attribute mappings
Expand the sections below to view the mappings between the source and the Brinqa data model attributes:
Project
| Source Field Name | SDM Attribute |
|---|---|
project.assetCategoryName(), Application | CATEGORIES |
project.assets() | ASSETS |
project.clientName() | CLIENT_NAME |
project.description() | DESCRIPTION |
project.endDate() | END_DATE |
project.id() | UID |
project.industryRiskScore() | INDUSTRY_RISK_SCORE |
project.name() | NAME |
project.openFindings() | OPEN_FINDINGS |
project.projectType() | PROJECT_TYPE |
project.remediationRiskScore() | REMEDIATION_RISK_SCORE |
project.riskScore() | RISK_SCORE |
project.scope() | SCOPE |
project.shortName() | SHORT_NAME |
project.startDate() | START_DATE |
project.tags[].name | TAGS |
project.vulnerabilityRiskScore() | VULNERABILITY_RISK_SCORE |
| sync time | LAST_CAPTURED |
AD Forest
| Source Field Name | SDM Attribute |
|---|---|
adForest.clientName() | CLIENT_NAME |
adForest.createdAt() | SOURCE_CREATED_DATE |
adForest.description() | DESCRIPTION |
adForest.details() | DETAILS |
adForest.environment() | ENVIRONMENT |
adForest.id() | UID |
adForest.name() | NAME |
adForest.projectId() | PROJECT_ID |
adForest.projectName() | PROJECT_NAME |
adForest.riskScore() | RISK_SCORE |
adForest.tags[].name | TAGS |
adForest.updatedAt() | SOURCE_LAST_MODIFIED |
| sync time | LAST_CAPTURED |
ADDomain
| Source Field Name | SDM Attribute |
|---|---|
| Domain | CATEGORIES |
domain.adObjectSid() | AD_OBJECT_SID |
domain.clientName() | CLIENT_NAME |
domain.commonName() | COMMON_NAME |
domain.createdAt() | SOURCE_CREATED_DATE |
domain.distinguishedName() | DISTINGUISHED_NAME |
domain.forest() | FOREST |
domain.id() | UID |
domain.id() | NAME |
domain.parentDomain() | PARENT_DOMAIN |
domain.projectId() | PROJECT_ID |
domain.projectName() | PROJECT_NAME |
domain.riskScore() | RISK_SCORE |
domain.tags[].name | TAGS |
domain.updatedAt() | SOURCE_LAST_MODIFIED |
| sync time | LAST_CAPTURED |
ADOrganizationalUnit
| Source Field Name | SDM Attribute |
|---|---|
organizationalUnit.adObjectSid() | AD_OBJECT_SID |
organizationalUnit.clientName() | CLIENT_NAME |
organizationalUnit.createdAt() | SOURCE_CREATED_DATE |
organizationalUnit.description() | DESCRIPTION |
organizationalUnit.details() | DETAILS |
organizationalUnit.distinguishedName() | DISTINGUISHED_NAME |
organizationalUnit.environment() | ENVIRONMENT |
organizationalUnit.id() | UID |
organizationalUnit.id() | NAME |
organizationalUnit.projectId() | PROJECT_ID |
organizationalUnit.projectName() | PROJECT_NAME |
organizationalUnit.riskScore() | RISK_SCORE |
organizationalUnit.tags[].name | TAGS |
organizationalUnit.updatedAt() | SOURCE_LAST_MODIFIED |
| sync time | LAST_CAPTURED |
ADServicePrincipalName
| Source Field Name | SDM Attribute |
|---|---|
servicePrincipalName.adDomain() | AD_DOMAIN |
servicePrincipalName.clientName() | CLIENT_NAME |
servicePrincipalName.createdAt() | SOURCE_CREATED_DATE |
servicePrincipalName.description() | DESCRIPTION |
servicePrincipalName.details() | DETAILS |
servicePrincipalName.host() | HOST |
servicePrincipalName.id() | UID |
servicePrincipalName.id() | NAME |
servicePrincipalName.port() | PORT |
servicePrincipalName.projectId() | PROJECT_ID |
servicePrincipalName.projectName() | PROJECT_NAME |
servicePrincipalName.riskScore() | RISK_SCORE |
servicePrincipalName.serviceClass() | SERVICE_CLASS |
servicePrincipalName.serviceIdentity() | SERVICE_IDENTITY |
servicePrincipalName.serviceName() | SERVICE_NAME |
servicePrincipalName.servicePrincipalName() | SERVICE_PRINCIPAL_NAME |
servicePrincipalName.tags[].name | TAGS |
servicePrincipalName.updatedAt() | SOURCE_LAST_MODIFIED |
| sync time | LAST_CAPTURED |
ADTrustedDomain
| Source Field Name | SDM Attribute |
|---|---|
| Domain | CATEGORIES |
| sync time | LAST_CAPTURED |
trustedDomain.adDomain() | AD_DOMAIN |
trustedDomain.adObjectSid() | AD_OBJECT_SID |
trustedDomain.adTrustDirection() | AD_TRUST_DIRECTION |
trustedDomain.clientName() | CLIENT_NAME |
trustedDomain.createdAt() | SOURCE_CREATED_DATE |
trustedDomain.description() | DESCRIPTION |
trustedDomain.details() | DETAILS |
trustedDomain.distinguishedName() | DISTINGUISHED_NAME |
trustedDomain.id() | UID |
trustedDomain.id() | NAME |
trustedDomain.projectId() | PROJECT_ID |
trustedDomain.projectName() | PROJECT_NAME |
trustedDomain.riskScore() | RISK_SCORE |
trustedDomain.tags[].name | TAGS |
trustedDomain.trustedDomainName() | TRUSTED_DOMAIN_NAME |
trustedDomain.trustTransitive() | TRUST_TRANSITIVE |
trustedDomain.updatedAt() | SOURCE_LAST_MODIFIED |
ApplicationInstance
| Source Field Name | SDM Attribute |
|---|---|
| Application | CATEGORIES |
applicationInstance.applicationCompanyName() | APPLICATION_COMPANY_NAME |
applicationInstance.applicationCpeName() | APPLICATION_CPE_NAME |
applicationInstance.applicationDescription() | APPLICATION_DESCRIPTION |
applicationInstance.applicationEolDate() | TERMINATION_DATE |
applicationInstance.applicationId() | APP_ID |
applicationInstance.applicationMajorVersion() | APPLICATION_MAJOR_VERSION |
applicationInstance.applicationMinorVersion() | APPLICATION_MINOR_VERSION |
applicationInstance.applicationName() | APP_NAME |
applicationInstance.applicationProductName() | APPLICATION_PRODUCT_NAME |
applicationInstance.applicationReleaseDate() | PUBLISHED_DATE |
applicationInstance.applicationServicePack() | APPLICATION_SERVICE_PACK |
applicationInstance.applicationUrl() | APPLICATION_URL |
applicationInstance.applicationVersion() | APPLICATION_VERSION |
applicationInstance.authenticationMode() | AUTHENTICATION_MODE |
applicationInstance.clientName() | CLIENT_NAME |
applicationInstance.createdAt() | SOURCE_CREATED_DATE |
applicationInstance.description() | DESCRIPTION |
applicationInstance.forcedEncryption() | FORCED_ENCRYPTION |
applicationInstance.hostNames() (normalized) | HOSTNAMES |
applicationInstance.id() | UID |
applicationInstance.installDate() | INSTALL_DATE |
applicationInstance.installPath() | INSTALL_PATH |
applicationInstance.isClustered() | IS_CLUSTERED |
applicationInstance.name() | NAME |
applicationInstance.namedPipe() | NAMED_PIPE |
applicationInstance.ownerIdentityId() | OWNER_IDENTITY_ID |
applicationInstance.parentApplicationInstanceId() | PARENT_APPLICATION_INSTANCE_ID |
applicationInstance.processName() | PROCESS_NAME |
applicationInstance.projectId() | PROJECT_ID |
applicationInstance.projectName() | PROJECT_NAME |
applicationInstance.riskScore() | RISK_SCORE |
applicationInstance.serviceAccount() | SERVICE_ACCOUNT |
applicationInstance.serviceName() | SERVICE_NAME |
applicationInstance.tags[].name | TAGS |
applicationInstance.targetHardware() | TARGET_HARDWARE |
applicationInstance.updatedAt() | SOURCE_LAST_MODIFIED |
| sync time | LAST_CAPTURED |
CloudResource
| Source Field Name | SDM Attribute |
|---|---|
cloudResource.accountId() | CLOUD_ACCOUNT_ID |
cloudResource.accountName() | CLOUD_ACCOUNT_NAME |
cloudResource.assetPhysicalLocation() | ASSET_PHYSICAL_LOCATION |
cloudResource.clientName() | CLIENT_NAME |
cloudResource.cloudProvider() | CLOUD_PROVIDER |
cloudResource.createdAt() | SOURCE_CREATED_DATE |
cloudResource.id() | UID |
cloudResource.id() | NAME |
cloudResource.macAddress() | MAC_ADDRESSES |
cloudResource.projectId() | PROJECT_ID |
cloudResource.projectName() | PROJECT_NAME |
cloudResource.resourceIdentifier() | RESOURCE_IDENTIFIER |
cloudResource.riskScore() | RISK_SCORE |
cloudResource.tags[].name | TAGS |
cloudResource.updatedAt() | SOURCE_LAST_MODIFIED |
cloudResource.vpcId() | VPC_ID |
| constant Cloud Resource | CATEGORIES |
| sync time | LAST_CAPTURED |
Company
| Source Field Name | SDM Attribute |
|---|---|
company.clientName() | CLIENT_NAME |
company.createdAt() | SOURCE_CREATED_DATE |
company.id() | UID |
company.name() | NAME |
company.projectId() | PROJECT_ID |
company.projectName() | PROJECT_NAME |
company.riskScore() | RISK_SCORE |
company.tags[].name | TAGS |
company.updatedAt() | SOURCE_LAST_MODIFIED |
| sync time | LAST_CAPTURED |
DNSDomain
| Source Field Name | SDM Attribute |
|---|---|
| constant Domain | CATEGORIES |
domain.assetOwner() | ASSET_OWNER |
domain.clientName() | CLIENT_NAME |
domain.createdAt() | SOURCE_CREATED_DATE |
domain.description() | DESCRIPTION |
domain.id() | UID |
domain.name() | NAME |
domain.portNumber() | PORT |
domain.portProtocol() | PROTOCOL |
domain.projectId() | PROJECT_ID |
domain.projectName() | PROJECT_NAME |
domain.riskScore() | RISK_SCORE |
domain.subdomainName() | SUB_DOMAIN_NAME |
domain.tags[].name | TAGS |
domain.updatedAt() | SOURCE_LAST_MODIFIED |
| sync time | LAST_CAPTURED |
DNSRecord
| Source Field Name | SDM Attribute |
|---|---|
record.active() | ACTIVE |
record.clientName() | CLIENT_NAME |
record.createdAt() | SOURCE_CREATED_DATE |
record.domain() | DOMAIN |
record.id() | UID |
record.ipAddress() | IP_ADDRESSES |
record.name() | NAME |
record.name() | DNS_NAMES |
record.projectId() | PROJECT_ID |
record.projectName() | PROJECT_NAME |
record.recordTypeId() | RECORD_TYPE_ID |
record.riskScore() | RISK_SCORE |
record.subDomain() | SUB_DOMAIN |
record.tags[].name | TAGS |
record.updatedAt() | SOURCE_LAST_MODIFIED |
| sync time | LAST_CAPTURED |
FileShare
| Source Field Name | SDM Attribute |
|---|---|
fileShare.clientName() | CLIENT_NAME |
fileShare.createdAt() | SOURCE_CREATED_DATE |
fileShare.fileCount() | FILE_COUNT |
fileShare.fileListHash() | FILE_LIST_HASH |
fileShare.fileListTotalFileSize() | FILE_LIST_TOTAL_FILE_SIZE |
fileShare.fileShareType() | FILE_SHARE_TYPE |
fileShare.id() | UID |
fileShare.identity() | IDENTITY |
fileShare.lastAccessed() | LAST_ACCESSED |
fileShare.path() | PATH |
fileShare.projectId() | PROJECT_ID |
fileShare.projectName() | PROJECT_NAME |
fileShare.riskScore() | RISK_SCORE |
fileShare.tags[].name | TAGS |
fileShare.uncPath() | UNC_PATH |
fileShare.updatedAt() | SOURCE_LAST_MODIFIED |
| sync time | LAST_CAPTURED |
File
| Source Field Name | SDM Attribute |
|---|---|
file.clientName() | CLIENT_NAME |
file.createdAt() | SOURCE_CREATED_DATE |
file.fileShare() | FILE_SHARE |
file.hash() | HASH |
file.hashPasswordsVerified() | HASH_PASSWORDS_VERIFIED |
file.hasNonPublicData() | HAS_NON_PUBLIC_DATA |
file.hasPasswords() | HAS_PASSWORDS |
file.hasSensitiveData() | HAS_SENSITIVE_DATA |
file.highRisk() | HIGH_RISK |
file.host() | HOST |
file.id() | UID |
file.identity() | IDENTITY |
file.lastAccessed() | LAST_ACCESSED |
file.path() | PATH |
file.projectId() | PROJECT_ID |
file.projectName() | PROJECT_NAME |
file.riskScore() | RISK_SCORE |
file.tags[].name | TAGS |
file.uncPath() | UNC_PATH |
file.updatedAt() | SOURCE_LAST_MODIFIED |
| sync time | LAST_CAPTURED |
Finding
| Source Field Name | SDM Attribute |
|---|---|
finding.affectedUrl(), finding.affectedSource(), finding.affectedSourceLine() | PATH |
finding.assetLabel() | ASSET_NAME |
finding.attackParameter() | ATTACK_PARAM |
finding.authenticationState() | USER_AUTH_STATE |
finding.confidenceLevel() | CONFIDENCE_LEVEL |
finding.createdAt() | SOURCE_CREATED_DATE |
finding.dctAlertLevel() | DETECTION_CONTROL_ALERT_LEVEL |
finding.dctBlockLevel() | DETECTION_CONTROL_BLOCK_LEVEL |
finding.dctDetectionLevel() | DETECTION_CONTROL_DETECTION_LEVEL |
finding.dctLogLevel() | DETECTION_CONTROL_LOG_LEVEL |
finding.dctResponseLevel() | DETECTION_CONTROL_RESPONSE_LEVEL |
finding.detectionLevel() | DETECTION_LEVEL |
finding.externalIdentifier() | EXTERNAL_IDENTIFIER |
finding.findingTemplateUid() | TYPE |
finding.firstSeenAt() | FIRST_SEEN |
finding.id() | UID |
finding.isEntryPoint() | ENTRY_POINT |
finding.lastSeenAt() | LAST_SEEN |
finding.name() | NAME |
finding.port() | PORT |
finding.portProtocol() | PROTOCOL |
finding.projectId() | PROJECT_ID |
finding.remediationActualDate() | REMEDIATED_ON |
finding.remediationDueDate() | REMEDIATION_DUE_DATE |
finding.state() | PROVIDER_STATUS |
finding.state() (normalized) | SOURCE_STATUS |
finding.targets(), finding.assetId(), finding.projectId() | TARGETS |
finding.updatedAt() | SOURCE_LAST_MODIFIED |
| sync time | LAST_CAPTURED |
FindingDefinition
| Source Field Name | SDM Attribute |
|---|---|
"CWE-" + finding.cwe() | WEAKNESSES |
finding.businessImpact() | BUSINESS_IMPACT |
finding.cvssV2Score() | CVSS_V2_BASE_SCORE |
finding.cvssV2Vector() (calculate) | CVSS_V2_VECTOR |
finding.cvssV3Score() | CVSS_V3_BASE_SCORE |
finding.cvssV3Vector() (calculate) | CVSS_V3_VECTOR |
finding.cvssV4Score() | CVSS_V4_BASE_SCORE |
finding.cvssV4Vector() (calculate) | CVSS_V4_VECTOR |
finding.cwe() | CWE_IDS |
finding.description() | DESCRIPTION |
finding.name() | NAME |
finding.remediationInstructions() | RECOMMENDATION |
finding.severityId() | SOURCE_SEVERITY |
finding.severityId() (calculate) | SEVERITY_SCORE |
finding.severityId() (normalized) | SEVERITY |
findingTemplateUid | UID |
| sync time | LAST_CAPTURED |
GenericAsset
| Source Field Name | SDM Attribute |
|---|---|
genericAsset.assetPhysicalLocation() | PHYSICAL_LOCATION |
genericAsset.clientName() | CLIENT_NAME |
genericAsset.createdAt() | SOURCE_CREATED_DATE |
genericAsset.id() | UID |
genericAsset.projectId() | PROJECT_ID |
genericAsset.projectName() | PROJECT_NAME |
genericAsset.riskScore() | RISK_SCORE |
genericAsset.tags[].name | TAGS |
genericAsset.updatedAt() | SOURCE_LAST_MODIFIED |
| sync time | LAST_CAPTURED |
Group
| Source Field Name | SDM Attribute |
|---|---|
group.adDistinguishedName() | AD_DISTINGUISHED_NAME |
group.adObjectSid() | AD_OBJECT_SID |
group.clientName() | CLIENT_NAME |
group.createdAt() | SOURCE_CREATED_DATE |
group.externalIdentifier() | EXTERNAL_IDENTIFIER |
group.groupTypeId() | GROUP_TYPE_ID |
group.id() | UID |
group.id() | NAME |
group.isDisabled() | IS_DISABLED |
group.isFixedRole() | IS_FIXED_ROLE |
group.owner() | OWNER |
group.projectId() | PROJECT_ID |
group.projectName() | PROJECT_NAME |
group.riskScore() | RISK_SCORE |
group.samAccountName() | SAM_ACCOUNT_NAME |
group.tags[].name | TAGS |
group.updatedAt() | SOURCE_LAST_MODIFIED |
| sync time | LAST_CAPTURED |
Host
| Source Field Name | SDM Attribute |
|---|---|
| constant Host | CATEGORIES |
host.clientName() | CLIENT_NAME |
host.createdAt() | SOURCE_CREATED_DATE |
host.domain() | DOMAIN |
host.hostType() | HOST_TYPE |
host.id() | UID |
host.ipAddresses[].address | IP_ADDRESSES |
host.ipAddresses[].address | PUBLIC_IP_ADDRESSES |
host.ipAddresses[].address | PRIVATE_IP_ADDRESSES |
host.names() | HOSTNAMES |
host.projectId() | PROJECT_ID |
host.projectName() | PROJECT_NAME |
host.riskScore() | RISK_SCORE |
host.tags[].name | TAGS |
host.updatedAt() | SOURCE_LAST_MODIFIED |
| sync time | LAST_CAPTURED |
IPAddress
| Source Field Name | SDM Attribute |
|---|---|
| constant Host | CATEGORIES |
ipAddress.address() | IP_ADDRESSES |
ipAddress.address() | PUBLIC_IP_ADDRESSES |
ipAddress.address() | PRIVATE_IP_ADDRESSES |
ipAddress.clientName() | CLIENT_NAME |
ipAddress.createdAt() | SOURCE_CREATED_DATE |
ipAddress.id() | UID |
ipAddress.isDiscoveredByNetspi() | DISCOVERED_BY_NETSPI |
ipAddress.projectId() | PROJECT_ID |
ipAddress.projectName() | PROJECT_NAME |
ipAddress.riskScore() | RISK_SCORE |
ipAddress.tags[].name | TAGS |
ipAddress.updatedAt() | SOURCE_LAST_MODIFIED |
| sync time | LAST_CAPTURED |
Identity
| Source Field Name | SDM Attribute |
|---|---|
| constants Person, Identity | CATEGORIES |
identity.adDistinguishedName() | AD_DISTINGUISHED_NAME |
identity.adDomain() | AD_DOMAIN |
identity.adObjectSid() | AD_OBJECT_SID |
identity.authenticationRealm() | AUTHENTICATION_REALM |
identity.clientName() | CLIENT_NAME |
identity.createdAt() | SOURCE_CREATED_DATE |
identity.email() | EMAILS |
identity.firstName() | FIRST_NAME |
identity.id() | UID |
identity.identityType() | IDENTITY_TYPE |
identity.isMfaEnabled() | IS_MFA_ENABLED |
identity.isPrivileged() | IS_PRIVILEGED |
identity.isRole() | IS_ROLE |
identity.isUnAuthenticated() | IS_UNAUTHENTICATED |
identity.lastName() | LAST_NAME |
identity.projectId() | PROJECT_ID |
identity.projectName() | PROJECT_NAME |
identity.riskScore() | RISK_SCORE |
identity.samAccountName() | SAM_ACCOUNT_NAME |
identity.tags[].name | TAGS |
identity.updatedAt() | SOURCE_LAST_MODIFIED |
| sync time | LAST_CAPTURED |
Location
| Source Field Name | SDM Attribute |
|---|---|
location.address() | ADDRESS |
location.city() | CITY |
location.clientName() | CLIENT_NAME |
location.country() | COUNTRY |
location.createdAt() | SOURCE_CREATED_DATE |
location.id() | UID |
location.locationZone() | LOCATION_ZONE |
location.projectId() | PROJECT_ID |
location.projectName() | PROJECT_NAME |
location.riskScore() | RISK_SCORE |
location.state() | STATE |
location.tags[].name | TAGS |
location.updatedAt() | SOURCE_LAST_MODIFIED |
location.zip() | POSTAL_CODE |
| sync time | LAST_CAPTURED |
NetworkDevice
| Source Field Name | SDM Attribute |
|---|---|
device.clientName() | CLIENT_NAME |
device.createdAt() | SOURCE_CREATED_DATE |
device.id() | UID |
device.id() | NAME |
device.projectId() | PROJECT_ID |
device.projectName() | PROJECT_NAME |
device.riskScore() | RISK_SCORE |
device.tags[].name | TAGS |
device.updatedAt() | SOURCE_LAST_MODIFIED |
| sync time | LAST_CAPTURED |
OperatingSystem
| Source Field Name | SDM Attribute |
|---|---|
operatingSystem.build() | BUILD |
operatingSystem.clientName() | CLIENT_NAME |
operatingSystem.createdAt() | SOURCE_CREATED_DATE |
operatingSystem.endOfLifeDate() | END_OF_LIFE_DATE |
operatingSystem.extendedSupportEndDate() | EXTENDED_SUPPORT_END_DATE |
operatingSystem.id() | UID |
operatingSystem.majorVersion() | MAJOR_VERSION |
operatingSystem.minorVersion() | MINOR_VERSION |
operatingSystem.osType() | OS_TYPE |
operatingSystem.parentCompany() | PARENT_COMPANY |
operatingSystem.platform() | PLATFORM |
operatingSystem.projectId() | PROJECT_ID |
operatingSystem.projectName() | PROJECT_NAME |
operatingSystem.releaseDate() | RELEASE_DATE |
operatingSystem.riskScore() | RISK_SCORE |
operatingSystem.tags[].name | TAGS |
operatingSystem.updatedAt() | SOURCE_LAST_MODIFIED |
| sync time | LAST_CAPTURED |
Person
| Source Field Name | SDM Attribute |
|---|---|
| constants Person, Identity | CATEGORIES |
person.clientName() | CLIENT_NAME |
person.companyId() | COMPANY_ID |
person.createdAt() | SOURCE_CREATED_DATE |
person.emails() | EMAILS |
person.employeeId() | EMPLOYEE_ID |
person.firstName() | FIRST_NAME |
person.id() | UID |
person.jobTitle() | JOB_TITLE |
person.lastName() | LAST_NAME |
person.parentLocation() | PARENT_LOCATION |
person.projectId() | PROJECT_ID |
person.projectName() | PROJECT_NAME |
person.riskScore() | RISK_SCORE |
person.tags[].name | TAGS |
person.updatedAt() | SOURCE_LAST_MODIFIED |
| sync time | LAST_CAPTURED |
PhysicalComponent
| Source Field Name | SDM Attribute |
|---|---|
physicalComponent.clientName() | CLIENT_NAME |
physicalComponent.createdAt() | SOURCE_CREATED_DATE |
physicalComponent.id() | UID |
physicalComponent.parentCompany() | PARENT_COMPANY |
physicalComponent.parentLocation() | PARENT_LOCATION |
physicalComponent.parentPhysicalComponent() | PARENT_PHYSICAL_COMPONENT |
physicalComponent.physicalComponentTypeId() | PHYSICAL_COMPONENT_TYPE_ID |
physicalComponent.projectId() | PROJECT_ID |
physicalComponent.projectName() | PROJECT_NAME |
physicalComponent.riskScore() | RISK_SCORE |
physicalComponent.tags[].name | TAGS |
physicalComponent.updatedAt() | SOURCE_LAST_MODIFIED |
| sync time | LAST_CAPTURED |
Policy
| Source Field Name | SDM Attribute |
|---|---|
policy.clientName() | CLIENT_NAME |
policy.createdAt() | SOURCE_CREATED_DATE |
policy.department() | DEPARTMENT |
policy.id() | UID |
policy.owner() | OWNER |
policy.parentCompany() | PARENT_COMPANY |
policy.policyCategoryId() | POLICY_CATEGORY_ID |
policy.policySubTypeId() | POLICY_SUB_TYPE_ID |
policy.policyTypeId() | POLICY_TYPE_ID |
policy.projectId() | PROJECT_ID |
policy.projectName() | PROJECT_NAME |
policy.riskScore() | RISK_SCORE |
policy.tags[].name | TAGS |
policy.updatedAt() | SOURCE_LAST_MODIFIED |
| sync time | LAST_CAPTURED |
SourceCode
| Source Field Name | SDM Attribute |
|---|---|
sourceCode.clientName() | CLIENT_NAME |
sourceCode.createdAt() | SOURCE_CREATED_DATE |
sourceCode.id() | UID |
sourceCode.id() | NAME |
sourceCode.projectId() | PROJECT_ID |
sourceCode.projectName() | PROJECT_NAME |
sourceCode.riskScore() | RISK_SCORE |
sourceCode.tags[].name | TAGS |
sourceCode.updatedAt() | SOURCE_LAST_MODIFIED |
| sync time | LAST_CAPTURED |
Subnet
| Source Field Name | SDM Attribute |
|---|---|
subnet.cidr() | CIDR |
subnet.clientName() | CLIENT_NAME |
subnet.createdAt() | SOURCE_CREATED_DATE |
subnet.description() | DESCRIPTION |
subnet.dhcpRange() | DHCP_RANGE |
subnet.endIp() | END_IP |
subnet.id() | UID |
subnet.interfaceName() | INTERFACE_NAME |
subnet.isDHCP() | IS_DHCP |
subnet.isIPV4() | IS_IPV4 |
subnet.isWireless() | IS_WIRELESS |
subnet.netMask() | NET_MASK |
subnet.ownerId() | OWNER_ID |
subnet.projectId() | PROJECT_ID |
subnet.projectName() | PROJECT_NAME |
subnet.riskScore() | RISK_SCORE |
subnet.sid() | SID |
subnet.startIp() | START_IP |
subnet.subnetExternalIdentifier() | SUBNET_EXTERNAL_IDENTIFIER |
subnet.tags[].name | TAGS |
subnet.updatedAt() | SOURCE_LAST_MODIFIED |
subnet.vlanId() | VLAN_ID |
| sync time | LAST_CAPTURED |
Operations & API
Expand each connector object to see its operation options, delta-sync behavior, and the API it uses. See connector operation options for how to apply operation options (keys and values are case-sensitive).
Project
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
The connector README does not document a data source for this object.
AD Forest
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
The connector README does not document a data source for this object.
ADDomain
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
The connector README does not document a data source for this object.
ADOrganizationalUnit
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
The connector README does not document a data source for this object.
ADServicePrincipalName
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
The connector README does not document a data source for this object.
ADTrustedDomain
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
The connector README does not document a data source for this object.
ApplicationInstance
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
The connector README does not document a data source for this object.
CloudResource
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
The connector README does not document a data source for this object.
Company
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
The connector README does not document a data source for this object.
DNSDomain
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
The connector README does not document a data source for this object.
DNSRecord
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
The connector README does not document a data source for this object.
FileShare
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
The connector README does not document a data source for this object.
File
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
The connector README does not document a data source for this object.
Finding
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
The connector README does not document a data source for this object.
FindingDefinition
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
The connector README does not document a data source for this object.
GenericAsset
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
The connector README does not document a data source for this object.
Group
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
The connector README does not document a data source for this object.
Host
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
The connector README does not document a data source for this object.
IPAddress
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
The connector README does not document a data source for this object.
Identity
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
The connector README does not document a data source for this object.
Location
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
The connector README does not document a data source for this object.
NetworkDevice
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
The connector README does not document a data source for this object.
OperatingSystem
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
The connector README does not document a data source for this object.
Person
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
The connector README does not document a data source for this object.
PhysicalComponent
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
The connector README does not document a data source for this object.
Policy
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
The connector README does not document a data source for this object.
SourceCode
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
The connector README does not document a data source for this object.
Subnet
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
The connector README does not document a data source for this object.
Changelog
The NetSPI connector has undergone the following changes:
| Version | Description | Migration Steps |
|---|---|---|
| 3.0.2 | Fixed - Host sync failure (CON-4651) — Fixed ConnectorException: null caused by a NullPointerException when the NetSPI API returns null elements inside names arrays. Applied fix on such fields to silently drop null entries during deserialization. - IPAddress sync failure due to tags data type mismatch (CON-4597) — Fixed IPAddress sync failure caused by the tags field being deserialized as a raw string instead of a structured object. Changed - Refactored tag handling across all asset and project models — Refactored all asset models and the Project model to correctly map the tags response field using structured Tag objects instead of raw strings. - Improved handling of missing data in API responses — Added safeguards across multiple asset models to gracefully handle cases where the NetSPI API returns empty or null values in list fields, preventing sync failures. | N/A |