Framework
An object to represent a standard compliance or technical security framework.
Framework properties
| Property | Type | Description | Specifications |
|---|---|---|---|
displayName * | string | Display name | |
name * | string | Name of this entity | |
standard * | string | The name of the framework standard. Examples: HIPAA, NIST, CSA STAR, PCI DSS, NIST CSF, FedRAMP, ISO 27001, SOC, OWASP, Other | |
version * | string | The version of the framework. For example, OWASP may have version 2010, 2013, 2017. | |
description | string | An extended description of this entity. | |
summary | string | A summary / short description of this entity. |
Inherited properties
| Property | Type | Description | Specifications |
|---|---|---|---|
_class * | string | array of strings | One or more classes conforming to a standard, abstract security data model. For example, an EC2 instance will have '_class':'Host'. | |
_key * | string | An identifier unique within the scope containing the object. For example, for a Bitbucket repo, this will be the GUID of the repo as assigned by Bitbucket. For an IAM Role, this will be the ARN of the role. | minLength: 10 |
_type * | string | The type of object, typically reflecting the vendor and resource type. For example, 'aws_iam_user'. In some cases, a system knows about a type of entity that other systems know about, such as 'user_endpoint' or 'cve'. | minLength: 3 |
Required properties
_key_class_typenamedisplayNamestandardversion