Vendor Attributes
vendor_attributes
The Vendor Attributes object can be used to represent values of attributes populated by the Vendor/Finding Provider.
It can help distinguish between the vendor-provided values and consumer-updated values of key attributes like severity_id
.
The original finding producer should not populate this object.
It should be populated by consuming systems that support data mutability.
Attributes
Caption | Name | Type | Description |
---|---|---|---|
Raw Data | raw_data | JSON | Group: |
Record ID | record_id | String | Group: |
Severity | severity | String | The finding severity, as reported by the Vendor (Finding Provider). The value should be normalized to the caption of the |
Severity ID | severity_id | Integer | The finding severity ID, as reported by the Vendor (Finding Provider).
|
Unmapped | unmapped | Unmapped[] | Data from the source that was not mapped into the schema. |
Relationships
Inbound Relationships
These objects and events reference Vendor Attributes in their attributes:
- Vulnerability Finding
- Detection Finding
- Data Security Finding
- Compliance Finding
- Finding
- Incident Finding
Outbound Relationships
Vendor Attributes references the following objects and events in its attributes:
This page describes ocsf-1.4.0
Updated 6 days ago