Reputation
reputation
The Reputation object describes the reputation/risk score of an entity (e.g. device, user, domain).
Attributes
Caption | Name | Type | Description |
---|---|---|---|
Reputation Score | base_score | Float | The reputation score as reported by the event source. |
Provider | provider | String | The provider of the reputation information. |
Raw Data | raw_data | JSON | Group: |
Record ID | record_id | String | Group: |
Reputation Score | score | String | The reputation score, normalized to the caption of the score_id value. In the case of 'Other', it is defined by the event source. |
Reputation Score ID | score_id | Integer | The normalized reputation score identifier.
|
Unmapped | unmapped | Unmapped[] | Data from the source that was not mapped into the schema. |
Relationships
Inbound Relationships
These objects and events reference Reputation in their attributes:
- File Threat Intelligence
- Base Threat Intelligence
- IP Threat Intelligence
- Observable
- Enrichment
- OSINT
- Domain Threat Intelligence
- Threat Intelligence
- URL Threat Intelligence
Outbound Relationships
Reputation references the following objects and events in its attributes:
This page describes ocsf-1.4.0
Updated 15 days ago