Skip to main content

Common Errors By Policy

POST 

/code/api/v2/dashboard/common-errors-by-policy

Gets the list of policies that have the highest number of errors (open issues) and their respective error counts. The response also includes policy details such as remediationIds and severity.

You can set the repositories, codeCategories, and severities parameters in the request body to filter the results.

Request

Body

required
    codeCategories CodeCategoryType (string)[]

    Possible values: [iac, buildIntegrity, licenses, secrets, vulnerabilities]

    • IaC: Filter value to retrieve issues with Infrastructure-as-Code (IaC or iac) templates and scripts that provision and manage cloud resources. Prisma Cloud detects issues such as misconfigurations and security risks within the code that deploys and manages the infrastructure.
    • Vulnerability: Filter value to retrieve findings related to known security vulnerabilities in open-source packages used in applications. These findings highlight potential weaknesses that could be exploited by attackers.
    • BuildIntegrity: Filter value to retrieve findings related to the integrity and security of the build pipeline or the software supply chain. These findings include checks for unauthorized or insecure dependencies, insecure artifact storage, or other issues that could compromise the integrity of the software build process.
    • Secrets: Filter value to retrieve findings related to the handling and management of sensitive information, such as API keys, passwords, or cryptographic keys, within code files. Address these findings to ensure that secrets are properly protected and not exposed in the code or configurations.
    • Licenses: Filter value to retrieve issues related to the non-compliance with license requirements. Open source packages typically include a license that is either restrictive or permissive. Prisma Cloud, by default, identifies and flags instances where open-source software components do not include a license, or are carrying an undesired one. For example, licenses not approved by the Open Source Initiative (OSI) or not recognized by the Software Package Data Exchange (SPDX) fall under this undesired category.
    repositories Repository (string)[]

    The repositories filter enables you to retrieve issues related to one or more repositories. You must provide the UUIDs of the repositories that you want to include in the filter. To retrieve the UUID of a repository use the List repository list endpoint. (the id field of the response has the UUID of the repository).

    severities Severity (string)[]

    Possible values: [INFO, LOW, MEDIUM, HIGH, CRITICAL]

    The severity level of the vulnerability or misconfiguration.

    • Critical: Critical severity indicates a high-risk vulnerability or misconfiguration that could lead to significant security breaches or data leaks. These issues require immediate attention and remediation.
    • High: High severity indicates a significant security issue that has the potential to be exploited or result in significant damage if left unaddressed. These findings should be addressed as a priority.
    • Medium: Medium severity indicates issues that pose a potential security risk that are less severe than Critical and High. Remediation of these issues should be prioritized, but they may not require immediate attention.
    • Low: Low severity indicates issues that have a minimal impact on security or are relatively low-risk. While they may not pose an immediate threat, it is still recommended to address them to maintain a robust security posture.
    • Info: Info severity is used for informational findings or recommendations that do not pose an immediate security risk but provide helpful guidance, best practices, or suggestions for optimization. These findings can be considered as part of ongoing security hygiene efforts.
    size double

    The maximum number of results included in the response.

Responses

Common Errors By Policy

Schema
    data object[]required
  • Array [
  • count stringrequired

    Number of open issues for the policy.

    createdBy stringnullablerequired

    The author of the policy (Prisma Cloud System Admin for default policies, User email for custom policies).

    isCustom booleanrequired

    True if the policy is a custom policy; false otherwise.

    remediationIds string[]required

    The remediations available for the issues identified by the policy.

    severity Severity (string)required

    Possible values: [INFO, LOW, MEDIUM, HIGH, CRITICAL]

    The severity level of the vulnerability or misconfiguration.

    • Critical: Critical severity indicates a high-risk vulnerability or misconfiguration that could lead to significant security breaches or data leaks. These issues require immediate attention and remediation.
    • High: High severity indicates a significant security issue that has the potential to be exploited or result in significant damage if left unaddressed. These findings should be addressed as a priority.
    • Medium: Medium severity indicates issues that pose a potential security risk that are less severe than Critical and High. Remediation of these issues should be prioritized, but they may not require immediate attention.
    • Low: Low severity indicates issues that have a minimal impact on security or are relatively low-risk. While they may not pose an immediate threat, it is still recommended to address them to maintain a robust security posture.
    • Info: Info severity is used for informational findings or recommendations that do not pose an immediate security risk but provide helpful guidance, best practices, or suggestions for optimization. These findings can be considered as part of ongoing security hygiene efforts.
    title stringrequired

    The policy name.

  • ]
  • lastScanDate stringrequired

    The time when the last scan was triggered.

Loading...