Risk
An object that represents an identified Risk as the result of an Assessment. The collection of Risk objects in JupiterOne makes up the Risk Register. A Control may have a MITIGATES relationship to a Risk.
Risk properties
Property | Type | Description | Specifications |
---|---|---|---|
impact * | integer | Impact rating. '3: high/severe', '2: medium/moderate', '1: low/minor', '0: none/insignificant'. Examples: 0, 1, 2, 3 | |
probability * | integer | Probability rating of the risk: '3: high/certain', '2: medium/likely', '1: low/unlikely', '0: none/negligible'. Examples: 0, 1, 2, 3 | |
score * | integer | Overall Risk Score = Probability x Impact | |
status * | string | Current status of this documented risk. Default status is open. Examples: reported, acknowledged, accepted, mitigated, prioritized, transferred, pending, open | |
assessment | string | The name/id of the assessment that produced this risk. | |
category | string | The category (or area) of the risk. For example, 'process maturity' or 'natural disaster'. | |
details | string | Additional details to describe the risk. | |
mitigation | string | Description of the mitigation, either planned or implemented, if applicable. | |
Inherited properties
Property | Type | Description | Specifications |
---|---|---|---|
_class * | string or array of strings | One or more classes conforming to a standard, abstract security data model. For example, an EC2 instance will have '_class':'Host'. | |
_key * | string | An identifier unique within the scope containing the object. For example, for a Bitbucket repo, this will be the GUID of the repo as assigned by Bitbucket. For an IAM Role, this will be the ARN of the role. | minLength: 10 |
_type * | string | The type of object, typically reflecting the vendor and resource type. For example, 'aws_iam_user'. In some cases, a system knows about a type of entity that other systems know about, such as 'user_endpoint' or 'cve'. | minLength: 3 |
displayName * | string | Display name, e.g. a person's preferred name or an AWS account alias | |
name * | string | Name of this entity | |
approved | boolean | If this record has been reviewed and approved. | |
approvedOn | number | The timestamp (in milliseconds since epoch) when this record was approved. | Format: date-time |
approvers | array of strings | The list of approvers on the record. | |
classification | string | The sensitivity of the data; should match company data classification scheme. For example: critical - confidential - internal - public. Examples: critical, confidential, internal, public | |
content | string | Text content of the record/documentation | |
createdOn | number | The timestamp (in milliseconds since epoch) when the entity was created at the source. This is different than _createdOn which is the timestamp the entity was first ingested into JupiterOne. | Format: date-time |
description | string | An extended description of this entity. | |
exception | boolean | Indicates if this record has an applied exception. For example, exception for a known finding or a PR that is not fully approved. | |
exceptionReason | string | Reason / description of the exception. | |
open | boolean | Indicates if this record is currently open. For example, an open Vulnerability finding (Vulnerability extends Record). | |
production | boolean | If this is a production record. For example, a production change management ticket would have this set to true, and have a category = change property. Another example would be a Vulnerability finding in production. | |
public | boolean | If this is a public record. Defaults to false. | default: false |
reportedOn | number | The timestamp (in milliseconds since epoch) when this record was reported/opened. In most cases, this would be the same as createdOn but occasionally a record can be created at a different time than when it was first reported. | Format: date-time |
reporter | string | The person or system that reported or created this record. | |
summary | string | A summary / short description of this entity. | |
updatedOn | number | The timestamp (in milliseconds since epoch) when the entity was last updated at the source. | Format: date-time |
webLink | string | Hyperlink to the location of this record, e.g. URL to a Jira issue | Format: uri |
Required properties
_key
_class
_type
name
displayName
probability
impact
score
status
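
The constraints above can be checked before a Risk entity is ingested into the Risk Register. The following is an added example, not JupiterOne code: `validateRisk`, `sampleRisk` and the sample values (including the `_type` and `_key`) are hypothetical and constructed for illustration. It enforces the required properties, the 0 to 3 rating range, the documented minimum lengths, and that score equals probability x impact.

```javascript
// Added example: validateRisk and sampleRisk are hypothetical names, not JupiterOne code.
const REQUIRED = ['_key', '_class', '_type', 'name', 'displayName',
  'probability', 'impact', 'score', 'status'];

// Ratings on this page are integers from 0 (none) to 3 (high).
const isRating = (v) => Number.isInteger(v) && v >= 0 && v <= 3;

function validateRisk(risk) {
  const missing = REQUIRED.filter((p) => risk[p] === undefined || risk[p] === null);
  if (missing.length) return missing.map((p) => `missing required property: ${p}`);

  const errors = [];
  // _class is either one string or an array of strings.
  const classes = Array.isArray(risk._class) ? risk._class : [risk._class];
  if (!classes.every((c) => typeof c === 'string')) {
    errors.push('_class must be a string or an array of strings');
  }
  if (typeof risk._key !== 'string' || risk._key.length < 10) {
    errors.push('_key must be a string of at least 10 characters');
  }
  if (typeof risk._type !== 'string' || risk._type.length < 3) {
    errors.push('_type must be a string of at least 3 characters');
  }
  for (const p of ['name', 'displayName', 'status']) {
    if (typeof risk[p] !== 'string') errors.push(`${p} must be a string`);
  }
  for (const p of ['probability', 'impact']) {
    if (!isRating(risk[p])) errors.push(`${p} must be an integer from 0 to 3`);
  }
  // score must be an integer and agree with probability x impact.
  if (!Number.isInteger(risk.score)) {
    errors.push('score must be an integer');
  } else if (isRating(risk.probability) && isRating(risk.impact) &&
             risk.score !== risk.probability * risk.impact) {
    errors.push(`score ${risk.score} does not equal probability x impact`);
  }
  return errors;
}

// Constructed sample entity; every value is made up for illustration.
const sampleRisk = {
  _key: 'risk:example-0001', _class: 'Risk', _type: 'example_risk',
  name: 'Single-region deployment', displayName: 'Single-region deployment',
  probability: 2, impact: 3, score: 6, status: 'open',
};

console.log(validateRisk(sampleRisk)); // []
```

A stored score that disagrees with its probability and impact ratings is reported rather than recomputed, so a stale or hand-edited register entry is surfaced for review.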