Open Source Finding Definition Data Model
The Open Source Finding Definition data model is a definition that contains all common attributes for any given open source findings. It extends the Finding Definition data model.
The following table details the default attributes of the Open Source Finding Definition data model:
| Order | Attribute Name | Attribute Type | Relationship Type | Required |
|---|---|---|---|---|
| 1 | displayName | Calculated (Text) | N/A | Yes |
| 2 | baseRiskScore | Calculated (Number) | N/A | No |
| 3 | riskFactorOffset | Calculated (Number) | N/A | No |
| 4 | riskScore | Calculated (Number) | N/A | No |
| 5 | riskRating | Calculated (Single Choice) | N/A | No |
| 6 | percentageImpacted | Calculated (Number) | N/A | No |
| 7 | firstdetected | Calculated (Date Time) | N/A | No |
| 8 | daysToFirstDetection | Calculated (Number) | N/A | No |
| 9 | maximumCveRiskScore | Calculated (Number) | N/A | No |
| 10 | associatedCvesIsCisaExploitable | Calculated (True False) | N/A | No |
| 11 | associatedCvesMaximumEpssLikelihood | Calculated (Number) | N/A | No |
| 12 | openFindingCount | Calculated (Number) | N/A | No |
| 13 | numberOutOfCompliance | Calculated (Number) | N/A | No |
| 14 | complianceStatus | Calculated (Single Choice) | N/A | No |
| 15 | cveIds | Text (Multivalued) | N/A | No |
| 16 | cweIds | Text (Multivalued) | N/A | No |
| 17 | cvssV2BaseScore | Number | N/A | No |
| 18 | cvssV2TemporalScore | Number | N/A | No |
| 19 | cvssV2Severity | Text | N/A | No |
| 20 | cvssV2Vector | Text | N/A | No |
| 21 | cvssV2AttackVector | Text | N/A | No |
| 22 | cvssV2AccessComplexity | Text | N/A | No |
| 23 | cvssV2Authentication | Text | N/A | No |
| 24 | cvssV2ConfidentialityImpact | Text | N/A | No |
| 25 | cvssV2IntegrityImpact | Text | N/A | No |
| 26 | cvssV2AvailabilityImpact | Text | N/A | No |
| 27 | cvssV2Exploitability | Text | N/A | No |
| 28 | cvssV2RemediationLevel | Text | N/A | No |
| 29 | cvssV2ReportConfidence | Text | N/A | No |
| 30 | cvssV3BaseScore | Number | N/A | No |
| 31 | cvssV3TemporalScore | Number | N/A | No |
| 32 | cvssV3Severity | Text | N/A | No |
| 33 | cvssV3Vector | Text | N/A | No |
| 34 | cvssV3AttackVector | Text | N/A | No |
| 35 | cvssV3AttackComplexity | Text | N/A | No |
| 36 | cvssV3PrivilegesRequired | Text | N/A | No |
| 37 | cvssV3UserInteraction | Text | N/A | No |
| 38 | cvssV3ConfidentialityImpact | Text | N/A | No |
| 39 | cvssV3IntegrityImpact | Text | N/A | No |
| 40 | cvssV3AvailabilityImpact | Text | N/A | No |
| 41 | cvssV3ExploitCodeMaturity | Text | N/A | No |
| 42 | cvssV3RemediationLevel | Text | N/A | No |
| 43 | cvssV3ReportConfidence | Text | N/A | No |
| 44 | category | Text | N/A | No |
| 45 | severity | Single Choice | N/A | No |
| 46 | severityNumber | Number | N/A | No |
| 47 | source | Text | N/A | No |
| 48 | patchAvailable | True False | N/A | No |
| 49 | recommendation | Text | N/A | No |
| 50 | affected | Text (Multivalued) | N/A | No |
| 51 | weaknesses | Reference (Weakness) | EXPLOITS | No |
| 52 | cveRecords | Reference (CVE record) | RELATES_TO | No |
| 53 | references | Text (Multivalued) | N/A | No |
| 54 | exploits | Text (Multivalued) | N/A | No |
| 55 | malware | Text (Multivalued) | N/A | No |
| 56 | publishedDate | Date Time | N/A | No |
| 57 | patchPublishedDate | Date Time | N/A | No |
| 58 | sourceCreatedDate | Date Time | N/A | No |
| 59 | sourceLastModified | Date Time | N/A | No |
| 60 | findingType | Category | N/A | No |
| 61 | profiles | Category | N/A | No |
| 62 | technologies | Category | N/A | No |
| 63 | riskScoringModel | Risk Scoring Model | N/A | No |
| 64 | riskFactors | Risk Factors | N/A | No |
| 65 | uid | Text | N/A | Yes |
| 66 | dataModelName | Calculated (Text) | N/A | No |
| 67 | sourceUids | Text (Multivalued) | N/A | No |
| 68 | connectorCategories | Text (Multivalued) | N/A | No |
| 69 | connectorNames | Text (Multivalued) | N/A | No |
| 70 | dataIntegrationTitles | Text (Multivalued) | N/A | No |
| 71 | sourcesIcons | Source data models icons | N/A | No |
| 72 | name | Text | N/A | Yes |
| 73 | summary | Text | N/A | No |
| 74 | description | Text | N/A | No |
| 75 | categories | Text (Multivalued) | N/A | No |
| 76 | flowState | Text | N/A | No |
| 77 | sources | Reference (Base model) | SOURCED_FROM | No |
| 78 | dateCreated | Date Time | N/A | No |
| 79 | lastUpdated | Date Time | N/A | No |
| 80 | createdBy | Text | N/A | No |
| 81 | updatedBy | Text | N/A | No |
FOOTNOTES
- The Order column specifies the order of attributes being calculated in data computation.
- The attribute names are used in Brinqa Query Language (BQL) queries and Brinqa Condition Language (BCL) predicates.
- In the Type column, Calculated means that the value of the attribute is computed by executing a script. The text in the parentheses after Calculated denotes the type of the outcome.
- In the Type column, Reference means that two data models are related. The name in the parentheses after Reference indicates the other data model.
- The Relationship Type column only applies to the Reference type attributes. You can use the relationship type keyword in BQL queries.