Module Values.FindingSource

Represents a security finding discovered during a pentest job. A finding contains details about a vulnerability, including its risk level, confidence, and remediation status.

Sourcetype nonrec t = {
  1. findingId : String_.t option;
    (*

    The unique identifier of the finding.

    *)
  2. agentSpaceId : String_.t option;
    (*

    The unique identifier of the agent space associated with the finding.

    *)
  3. pentestId : String_.t option;
    (*

    The unique identifier of the pentest associated with the finding.

    *)
  4. pentestJobId : String_.t option;
    (*

    The unique identifier of the pentest job that produced the finding.

    *)
  5. codeReviewId : String_.t option;
    (*

    The unique identifier of the code review associated with the finding.

    *)
  6. codeReviewJobId : String_.t option;
    (*

    The unique identifier of the code review job that produced the finding.

    *)
  7. taskId : String_.t option;
    (*

    The unique identifier of the task that produced the finding.

    *)
  8. name : String_.t option;
    (*

    The name of the finding.

    *)
  9. description : String_.t option;
    (*

    A description of the finding.

    *)
  10. status : FindingStatus.t option;
    (*

    The current status of the finding. Valid values include ACTIVE, RESOLVED, ACCEPTED, and FALSE_POSITIVE.

    *)
  11. riskType : String_.t option;
    (*

    The type of security risk identified by the finding.

    *)
  12. riskLevel : RiskLevel.t option;
    (*

    The risk level of the finding. Valid values include UNKNOWN, INFORMATIONAL, LOW, MEDIUM, HIGH, and CRITICAL.

    *)
  13. riskScore : String_.t option;
    (*

    The numerical risk score of the finding.

    *)
  14. reasoning : String_.t option;
    (*

    The reasoning behind the finding, explaining why it was identified as a vulnerability.

    *)
  15. confidence : ConfidenceLevel.t option;
    (*

    The confidence level of the finding. Valid values include FALSE_POSITIVE, UNCONFIRMED, LOW, MEDIUM, and HIGH.

    *)
  16. attackScript : String_.t option;
    (*

    The attack script used to reproduce the finding.

    *)
  17. codeRemediationTask : CodeRemediationTask.t option;
    (*

    The code remediation task associated with the finding, if code remediation was initiated.

    *)
  18. lastUpdatedBy : String_.t option;
    (*

    The identifier of the entity that last updated the finding.

    *)
  19. codeLocations : CodeLocationList.t option;
    (*

    The file locations involved in the vulnerability, as reported by the code scanner.

    *)
  20. createdAt : SyntheticTimestamp_date_time.t option;
    (*

    The date and time the finding was created, in UTC format.

    *)
  21. updatedAt : SyntheticTimestamp_date_time.t option;
    (*

    The date and time the finding was last updated, in UTC format.

    *)
}
Sourceval make : ?findingId:??? -> ?agentSpaceId:??? -> ?pentestId:??? -> ?pentestJobId:??? -> ?codeReviewId:??? -> ?codeReviewJobId:??? -> ?taskId:??? -> ?name:??? -> ?description:??? -> ?status:??? -> ?riskType:??? -> ?riskLevel:??? -> ?riskScore:??? -> ?reasoning:??? -> ?confidence:??? -> ?attackScript:??? -> ?codeRemediationTask:??? -> ?lastUpdatedBy:??? -> ?codeLocations:??? -> ?createdAt:??? -> ?updatedAt:??? -> unit -> t
Sourceval to_value : t -> [> `Structure of (string * [> `Enum of string | `List of [> `Structure of (string * [> `Integer of Integer.t | `String of String_.t ]) list ] list | `String of String_.t | `Structure of (string * [> `Enum of string | `List of [> `Structure of (string * [> `String of String_.t ]) list ] list | `String of String_.t ]) list | `Timestamp of SyntheticTimestamp_date_time.t ]) list ]
Sourceval to_query : t -> Awso.Client.Query.t
Sourceval of_xml : Awso.Xml.t -> t
Sourceval of_string : string -> t
Sourceval of_json : Yojson.Safe.t -> t
Sourceval to_json : t -> Yojson.Safe.t