Skip to main content

Violation Definition Data Model

The Violation Definition data model is a definition that contains all common attributes for any given violation. It extends the Finding Definition data model.

The following table details the default attributes of the Violation Definition data model:

OrderAttribute NameAttribute TypeRelationship TypeRequired
1displayNameCalculated (Text)N/AYes
2baseRiskScoreCalculated (Number)N/ANo
3riskFactorOffsetCalculated (Number)N/ANo
4riskScoreCalculated (Number)N/ANo
5riskRatingCalculated (Single Choice)N/ANo
6percentageImpactedCalculated (Number)N/ANo
7firstdetectedCalculated (Date Time)N/ANo
8daysToFirstDetectionCalculated (Number)N/ANo
9openFindingCountCalculated (Number)N/ANo
10maximumCveRiskScoreCalculated (Number)N/ANo
11associatedCvesIsCisaExploitableCalculated (True False)N/ANo
12associatedCvesMaximumEpssLikelihoodCalculated (Number)N/ANo
13numberOutOfComplianceCalculated (Number)N/ANo
14complianceStatusCalculated (Single Choice)N/ANo
15cveIdsText (Multivalued)N/ANo
16cweIdsText (Multivalued)N/ANo
17cvssV2BaseScoreNumberN/ANo
18cvssV2TemporalScoreNumberN/ANo
19cvssV2SeverityTextN/ANo
20cvssV2VectorTextN/ANo
21cvssV2AttackVectorTextN/ANo
22cvssV2AccessComplexityTextN/ANo
23cvssV2AuthenticationTextN/ANo
24cvssV2ConfidentialityImpactTextN/ANo
25cvssV2IntegrityImpactTextN/ANo
26cvssV2AvailabilityImpactTextN/ANo
27cvssV2ExploitabilityTextN/ANo
28cvssV2RemediationLevelTextN/ANo
29cvssV2ReportConfidenceTextN/ANo
30cvssV3BaseScoreNumberN/ANo
31cvssV3TemporalScoreNumberN/ANo
32cvssV3SeverityTextN/ANo
33cvssV3VectorTextN/ANo
34cvssV3AttackVectorTextN/ANo
35cvssV3AttackComplexityTextN/ANo
36cvssV3PrivilegesRequiredTextN/ANo
37cvssV3UserInteractionTextN/ANo
38cvssV3ConfidentialityImpactTextN/ANo
39cvssV3IntegrityImpactTextN/ANo
40cvssV3AvailabilityImpactTextN/ANo
41cvssV3ExploitCodeMaturityTextN/ANo
42cvssV3RemediationLevelTextN/ANo
43cvssV3ReportConfidenceTextN/ANo
44categoryTextN/ANo
45severitySingle ChoiceN/ANo
46severityNumberNumberN/ANo
47sourceTextN/ANo
48patchAvailableTrue FalseN/ANo
49recommendationTextN/ANo
50affectedText (Multivalued)N/ANo
51weaknessesReference (Weakness)EXPLOITSNo
52cveRecordsReference (CVE record)RELATES_TONo
53referencesText (Multivalued)N/ANo
54exploitsText (Multivalued)N/ANo
55malwareText (Multivalued)N/ANo
56publishedDateDate TimeN/ANo
57patchPublishedDateDate TimeN/ANo
58sourceCreatedDateDate TimeN/ANo
59sourceLastModifiedDate TimeN/ANo
60findingTypeCategoryN/ANo
61profilesCategoryN/ANo
62technologiesCategoryN/ANo
63riskScoringModelRisk Scoring ModelN/ANo
64riskFactorsRisk FactorsN/ANo
65uidTextN/AYes
66dataModelNameCalculated (Text)N/ANo
67sourceUidsText (Multivalued)N/ANo
68connectorCategoriesText (Multivalued)N/ANo
69connectorNamesText (Multivalued)N/ANo
70dataIntegrationTitlesText (Multivalued)N/ANo
71sourcesIconsSource data models iconsN/ANo
72nameTextN/AYes
73summaryTextN/ANo
74descriptionTextN/ANo
75categoriesText (Multivalued)N/ANo
76flowStateTextN/ANo
77sourcesReference (Base model)SOURCED_FROMNo
78dateCreatedDate TimeN/ANo
79lastUpdatedDate TimeN/ANo
80createdByTextN/ANo
81updatedByTextN/ANo
FOOTNOTES
  • The Order column specifies the order of attributes being calculated in data computation.
  • The attribute names are used in Brinqa Query Language (BQL) queries and Brinqa Condition Language (BCL) predicates.
  • In the Type column, Calculated means that the value of the attribute is computed by executing a script. The text in the parentheses after Calculated denotes the type of the outcome.
  • In the Type column, Reference means that two data models are related. The name in the parentheses after Reference indicates the other data model.
  • The Relationship Type column only applies to the Reference type attributes. You can use the relationship type keyword in BQL queries.