Violation Definition Data Model
The Violation Definition data model is a definition that contains all common attributes for any given violation. It extends the Finding Definition data model.
The following table details the default attributes of the Violation Definition data model:
| Order | Attribute Name | Attribute Type | Relationship Type | Required |
|---|---|---|---|---|
| 1 | displayName | Calculated (Text) | N/A | Yes |
| 2 | baseRiskScore | Calculated (Number) | N/A | No |
| 3 | riskFactorOffset | Calculated (Number) | N/A | No |
| 4 | riskScore | Calculated (Number) | N/A | No |
| 5 | riskRating | Calculated (Single Choice) | N/A | No |
| 6 | percentageImpacted | Calculated (Number) | N/A | No |
| 7 | firstdetected | Calculated (Date Time) | N/A | No |
| 8 | daysToFirstDetection | Calculated (Number) | N/A | No |
| 9 | openFindingCount | Calculated (Number) | N/A | No |
| 10 | maximumCveRiskScore | Calculated (Number) | N/A | No |
| 11 | associatedCvesIsCisaExploitable | Calculated (True False) | N/A | No |
| 12 | associatedCvesMaximumEpssLikelihood | Calculated (Number) | N/A | No |
| 13 | numberOutOfCompliance | Calculated (Number) | N/A | No |
| 14 | complianceStatus | Calculated (Single Choice) | N/A | No |
| 15 | cveIds | Text (Multivalued) | N/A | No |
| 16 | cweIds | Text (Multivalued) | N/A | No |
| 17 | cvssV2BaseScore | Number | N/A | No |
| 18 | cvssV2TemporalScore | Number | N/A | No |
| 19 | cvssV2Severity | Text | N/A | No |
| 20 | cvssV2Vector | Text | N/A | No |
| 21 | cvssV2AttackVector | Text | N/A | No |
| 22 | cvssV2AccessComplexity | Text | N/A | No |
| 23 | cvssV2Authentication | Text | N/A | No |
| 24 | cvssV2ConfidentialityImpact | Text | N/A | No |
| 25 | cvssV2IntegrityImpact | Text | N/A | No |
| 26 | cvssV2AvailabilityImpact | Text | N/A | No |
| 27 | cvssV2Exploitability | Text | N/A | No |
| 28 | cvssV2RemediationLevel | Text | N/A | No |
| 29 | cvssV2ReportConfidence | Text | N/A | No |
| 30 | cvssV3BaseScore | Number | N/A | No |
| 31 | cvssV3TemporalScore | Number | N/A | No |
| 32 | cvssV3Severity | Text | N/A | No |
| 33 | cvssV3Vector | Text | N/A | No |
| 34 | cvssV3AttackVector | Text | N/A | No |
| 35 | cvssV3AttackComplexity | Text | N/A | No |
| 36 | cvssV3PrivilegesRequired | Text | N/A | No |
| 37 | cvssV3UserInteraction | Text | N/A | No |
| 38 | cvssV3ConfidentialityImpact | Text | N/A | No |
| 39 | cvssV3IntegrityImpact | Text | N/A | No |
| 40 | cvssV3AvailabilityImpact | Text | N/A | No |
| 41 | cvssV3ExploitCodeMaturity | Text | N/A | No |
| 42 | cvssV3RemediationLevel | Text | N/A | No |
| 43 | cvssV3ReportConfidence | Text | N/A | No |
| 44 | category | Text | N/A | No |
| 45 | severity | Single Choice | N/A | No |
| 46 | severityNumber | Number | N/A | No |
| 47 | source | Text | N/A | No |
| 48 | patchAvailable | True False | N/A | No |
| 49 | recommendation | Text | N/A | No |
| 50 | affected | Text (Multivalued) | N/A | No |
| 51 | weaknesses | Reference (Weakness) | EXPLOITS | No |
| 52 | cveRecords | Reference (CVE record) | RELATES_TO | No |
| 53 | references | Text (Multivalued) | N/A | No |
| 54 | exploits | Text (Multivalued) | N/A | No |
| 55 | malware | Text (Multivalued) | N/A | No |
| 56 | publishedDate | Date Time | N/A | No |
| 57 | patchPublishedDate | Date Time | N/A | No |
| 58 | sourceCreatedDate | Date Time | N/A | No |
| 59 | sourceLastModified | Date Time | N/A | No |
| 60 | findingType | Category | N/A | No |
| 61 | profiles | Category | N/A | No |
| 62 | technologies | Category | N/A | No |
| 63 | riskScoringModel | Risk Scoring Model | N/A | No |
| 64 | riskFactors | Risk Factors | N/A | No |
| 65 | uid | Text | N/A | Yes |
| 66 | dataModelName | Calculated (Text) | N/A | No |
| 67 | sourceUids | Text (Multivalued) | N/A | No |
| 68 | connectorCategories | Text (Multivalued) | N/A | No |
| 69 | connectorNames | Text (Multivalued) | N/A | No |
| 70 | dataIntegrationTitles | Text (Multivalued) | N/A | No |
| 71 | sourcesIcons | Source data models icons | N/A | No |
| 72 | name | Text | N/A | Yes |
| 73 | summary | Text | N/A | No |
| 74 | description | Text | N/A | No |
| 75 | categories | Text (Multivalued) | N/A | No |
| 76 | flowState | Text | N/A | No |
| 77 | sources | Reference (Base model) | SOURCED_FROM | No |
| 78 | dateCreated | Date Time | N/A | No |
| 79 | lastUpdated | Date Time | N/A | No |
| 80 | createdBy | Text | N/A | No |
| 81 | updatedBy | Text | N/A | No |
FOOTNOTES
- The Order column specifies the order of attributes being calculated in data computation.
- The attribute names are used in Brinqa Query Language (BQL) queries and Brinqa Condition Language (BCL) predicates.
- In the Type column, Calculated means that the value of the attribute is computed by executing a script. The text in the parentheses after Calculated denotes the type of the outcome.
- In the Type column, Reference means that two data models are related. The name in the parentheses after Reference indicates the other data model.
- The Relationship Type column only applies to the Reference type attributes. You can use the relationship type keyword in BQL queries.