Skip to main content


An object to represent an assessment, including both compliance assessment such as a HIPAA Risk Assessment or a technical assessment such as a Penetration Testing. Each assessment should have findings (e.g. Vulnerability or Risk) associated.

Assessment properties
category *
stringThe category of the Assessment.

Examples: Risk Assessment, Readiness Assessment, Gap Assessment, Validation Assessment, Compliance Assessment, Self Assessment, Certification, Audit, Technical Review, Operational Review, Penetration Testing, Vulnerability Scan, Other
internal *
booleanIndicates if this is an internal or external assessment/audit. Defaults to true.default: true
summary *
stringThe summary description of the Assessment.
assessorstringEmail or name or ID of the assessor
assessorsarray of stringsList of email or name or ID of the assessors
completedOnnumberThe timestamp (in milliseconds since epoch) when the Assessment was completed.
Format: date-time

reportURLstringLink to the assessment report, if available.
Format: uri

startedOnnumberThe timestamp (in milliseconds since epoch) when the Assessment was started.
Format: date-time

Inherited properties
_class *
string |
array of strings
One or more classes conforming to a standard, abstract security data model. For example, an EC2 instance will have '_class':'Host'.
_key *
stringAn identifier unique within the scope containing the object. For example, for a Bitbucket repo, this will be the GUID of the repo as assigned by Bitbucket. For an IAM Role, this will be the ARN of the role.minLength: 10
_type *
stringThe type of object, typically reflecting the vendor and resource type. For example, 'aws_iam_user'. In some cases, a system knows about a type of entity that other systems know about, such as 'user_endpoint' or 'cve'.minLength: 3
displayName *
stringDisplay name, e.g. a person's preferred name or an AWS account alias
name *
stringName of this entity
activebooleanIndicates if this entity is currently active.
classificationstring | nullThe sensitivity of the data; should match company data classification scheme

Examples: critical, confidential, internal, public
complianceStatusnumberThe compliance status of the entity, as a percentage of compliancy.minimum: 0, maximum: 1
createdBystringThe source/principal/user that created the entity
createdOnnumberThe timestamp (in milliseconds since epoch) when the entity was created at the source. This is different than _createdOn which is the timestamp the entity was first ingested into JupiterOne.
Format: date-time

criticalityintegerA number that represents the value or criticality of this entity, on a scale between 1-10.minimum: 1, maximum: 10
deletedBystringThe source/principal/user that deleted the entity
deletedOnnumberThe timestamp (in milliseconds since epoch) when the entity was deleted at the source.
Format: date-time

descriptionstringAn extended description of this entity.
discoveredBystringThe source/principal/user that discovered the entity
discoveredOnnumberThe timestamp (in milliseconds since epoch) when the entity was discovered.
Format: date-time

expiresOnnumberIf the entity is a temporary resource, optionally set the expiration date. For example, the expiration date of an SSL cert.
Format: date-time

idstring | arrayIdentifiers of this entity assigned by the providers. Values are expected to be unique within the provider scope.
notesarray of stringsUser provided notes about this entity
ownerstringThe owner of this entity. This could reference the name of the owner, or as reference ID/key to another entity in the graph as the owner.
publicbooleanIndicates if this is a public-facing resource (e.g. a public IP or public DNS record) or if the entity is publicly accessible. Default is false.
riskintegerThe risk level of this entity, on a scale between 1-10.minimum: 1, maximum: 10
statusstringStatus of this entity set by the external source system or by a user, e.g. Active, Inactive, Decommissioned

Examples: active, inactive, suspended, terminated, open, closed, pending, unknown, other
tagsarray of stringsAn array of unnamed tags
temporarybooleanIndicates if this node is a temporary resource, such as a lambda instance or an EC2 instance started by ECS.
trustintegerThe trust level of this entity, on a scale between 1-10.minimum: 1, maximum: 10
trustedbooleanIndicates if this is a trusted resource. For example, a trusted Network, Host, Device, Application, Person, User, or Vendor.
updatedBystringThe source/principal/user that updated the entity
updatedOnnumberThe timestamp (in milliseconds since epoch) when the entity was last updated at the source.
Format: date-time

validatedbooleanIndicates if this node has been validated as a known/valid Entity.
webLinkstringWeb link to the source. For example: This property is used by the UI to add a hyperlink to the entity.
Format: uri

Required properties
  • _key
  • _class
  • _type
  • name
  • displayName
  • category
  • summary
  • internal