Skip to main content

Finding Definition Data Model

The Finding Definition data model is a definition that contains all common attributes for any given finding. It extends the Entity Model data model.

The following table details the default attributes of the Finding Definition data model:

OrderAttribute NameAttribute TypeRelationship TypeRequired
1cveIdsText (Multivalued)N/ANo
2cweIdsText (Multivalued)N/ANo
3cvssV2BaseScoreNumberN/ANo
4cvssV2TemporalScoreNumberN/ANo
5cvssV2SeverityTextN/ANo
6cvssV2VectorTextN/ANo
7cvssV2AttackVectorTextN/ANo
8cvssV2AccessComplexityTextN/ANo
9cvssV2AuthenticationTextN/ANo
10cvssV2ConfidentialityImpactTextN/ANo
11cvssV2IntegrityImpactTextN/ANo
12cvssV2AvailabilityImpactTextN/ANo
13cvssV2ExploitabilityTextN/ANo
14cvssV2RemediationLevelTextN/ANo
15cvssV2ReportConfidenceTextN/ANo
16cvssV3BaseScoreNumberN/ANo
17cvssV3TemporalScoreNumberN/ANo
18cvssV3SeverityTextN/ANo
19cvssV3VectorTextN/ANo
20cvssV3AttackVectorTextN/ANo
21cvssV3AttackComplexityTextN/ANo
22cvssV3PrivilegesRequiredTextN/ANo
23cvssV3UserInteractionTextN/ANo
24cvssV3ConfidentialityImpactTextN/ANo
25cvssV3IntegrityImpactTextN/ANo
26cvssV3AvailabilityImpactTextN/ANo
27cvssV3ExploitCodeMaturityTextN/ANo
28cvssV3RemediationLevelTextN/ANo
29cvssV3ReportConfidenceTextN/ANo
30categoryTextN/ANo
31severitySingle ChoiceN/ANo
32severityNumberNumberN/ANo
33sourceTextN/ANo
34patchAvailableTrue FalseN/ANo
35recommendationTextN/ANo
36affectedText (Multivalued)N/ANo
37weaknessesReference (Weakness)EXPLOITSNo
38cveRecordsReference (CVE record)RELATES_TONo
39referencesText (Multivalued)N/ANo
40exploitsText (Multivalued)N/ANo
41malwareText (Multivalued)N/ANo
42publishedDateDate TimeN/ANo
43patchPublishedDateDate TimeN/ANo
44sourceCreatedDateDate TimeN/ANo
45sourceLastModifiedDate TimeN/ANo
46baseRiskScoreNumberN/ANo
47riskFactorOffsetNumberN/ANo
48riskScoreNumberN/ANo
49riskRatingSingle ChoiceN/ANo
50percentageImpactedNumberN/ANo
51firstDetectedDate TimeN/ANo
52daysToFirstDetectionNumberN/ANo
53openFindingCountNumberN/ANo
54maximumCveRiskScoreNumberN/ANo
55associatedCvesIsCisaExploitableTrue FalseN/ANo
56associatedCvesMaximumEpssLikelihoodNumberN/ANo
57numberOutOfComplianceNumberN/ANo
58complianceStatusSingle ChoiceN/ANo
59findingTypeCategoryN/ANo
60profilesCategoryN/ANo
61technologiesCategoryN/ANo
62riskScoringModelRisk Scoring ModelN/ANo
63riskFactorsRisk FactorsN/ANo
64uidTextN/AYes
65dataModelNameCalculated (Text)N/ANo
66sourceUidsText (Multivalued)N/ANo
67connectorCategoriesText (Multivalued)N/ANo
68connectorNamesText (Multivalued)N/ANo
69dataIntegrationTitlesText (Multivalued)N/ANo
70sourcesIconsSource data models iconsN/ANo
71nameTextN/ANo
72displayNameTextN/AYes
73summaryTextN/ANo
74descriptionTextN/ANo
75categoriesText (Multivalued)N/ANo
76flowStateTextN/ANo
77sourcesReference (Base model)SOURCED_FROMNo
78dateCreatedDate TimeN/ANo
79lastUpdatedDate TimeN/ANo
80createdByTextN/ANo
81updatedByTextN/ANo
FOOTNOTES
  • The Order column specifies the order of attributes being calculated in data computation.
  • The attribute names are used in Brinqa Query Language (BQL) queries and Brinqa Condition Language (BCL) predicates.
  • In the Type column, Calculated means that the value of the attribute is computed by executing a script. The text in the parentheses after Calculated denotes the type of the outcome.
  • In the Type column, Reference means that two data models are related. The name in the parentheses after Reference indicates the other data model.
  • The Relationship Type column only applies to the Reference type attributes. You can use the relationship type keyword in BQL queries.