Skip to main content

Risk

An object that represents an identified Risk as the result of an Assessment. The collection of Risk objects in JupiterOne make up the Risk Register. A Control may have a MITIGATES relationship to a Risk.

Risk properties
PropertyTypeDescriptionSpecifications
impact *
integerImpact rating. '3: high/severe', '2: medium/moderate', '1: low/minor', '0: none/insignificant'.

Examples: 0, 1, 2, 3
probability *
integerProbability rating of the risk: '3: high/certain', '2: medium/likely', '1: low/unlikely', '0: none/negligible'.

Examples: 0, 1, 2, 3
score *
integerOverall Risk Score = Probability x Impact
status *
stringCurrent status of this documented risk. Default status is open.

Examples: reported, acknowledged, accepted, mitigated, prioritized, transferred, pending, open
assessmentstringThe name/id of the assessment that produced this risk.
categorystringThe category (or area) of the risk. For example, 'process maturity' or 'natural disaster'.
detailsstringAdditional details to describe the risk.
mitigationstringDescription of the mitigation, either planned or implemented, if applicable.
Inherited properties
PropertyTypeDescriptionSpecifications
_class *
string |
array of strings
One or more classes conforming to a standard, abstract security data model. For example, an EC2 instance will have '_class':'Host'.
_key *
stringAn identifier unique within the scope containing the object. For example, for a Bitbucket repo, this will be the GUID of the repo as assigned by Bitbucket. For an IAM Role, this will be the ARN of the role.minLength: 10
_type *
stringThe type of object, typically reflecting the vendor and resource type. For example, 'aws_iam_user'. In some cases, a system knows about a type of entity that other systems know about, such as 'user_endpoint' or 'cve'.minLength: 3
displayName *
stringDisplay name, e.g. a person's preferred name or an AWS account alias
name *
stringName of this entity
approvedbooleanIf this is record has been reviewed and approved.
approvedOnnumberThe timestamp (in milliseconds since epoch) when this record was approved.
Format: date-time

approversarray of stringsThe list of approvers on the record.
classificationstringThe sensitivity of the data; should match company data classification scheme. For example: critical - confidential - internal - public.

Examples: critical, confidential, internal, public
contentstringText content of the record/documentation
createdOnnumberThe timestamp (in milliseconds since epoch) when the entity was created at the source. This is different than _createdOn which is the timestamp the entity was first ingested into JupiterOne.
Format: date-time

descriptionstringAn extended description of this entity.
exceptionbooleanIndicates if this record has an applied exception. For example, exception for a known finding or a PR that is not fully approved.
exceptionReasonstringReason / description of the exception.
openbooleanIndicates if this record is currently open. For example, an open Vulnerability finding (Vulnerability extends Record).
productionbooleanIf this is a production record. For example, a production change management ticket would have this set to true, and have a category = change property. Another example would be a Vulnerability finding in production.
publicbooleanIf this is a public record. Defaults to false.default: false
reportedOnnumberThe timestamp (in milliseconds since epoch) when this record was reported/opened. In most cases, this would be the same as createdOn but occasionally a record can be created at a different time than when it was first reported.
Format: date-time

reporterstringThe person or system that reported or created this record.
summarystringA summary / short description of this entity.
updatedOnnumberThe timestamp (in milliseconds since epoch) when the entity was last updated at the source.
Format: date-time

webLinkstringHyperlink to the location of this record, e.g. URL to a Jira issue
Format: uri

Required properties
  • _key
  • _class
  • _type
  • name
  • displayName
  • probability
  • impact
  • score
  • status