Skip to main content

Code Issues by Severity

POST 

/code/api/v2/dashboard/errors-by-severity

Gets a count of issues detected at each severity level. You can set the repositories, codeCategories, and severities parameters in the request body to filter the results.

Request

Body

required
    codeCategories CodeCategoryType (string)[]

    Possible values: [iac, buildIntegrity, licenses, secrets, vulnerabilities]

    • IaC: Filter value to retrieve issues with Infrastructure-as-Code (IaC or iac) templates and scripts that provision and manage cloud resources. Prisma Cloud detects issues such as misconfigurations and security risks within the code that deploys and manages the infrastructure.
    • Vulnerability: Filter value to retrieve findings related to known security vulnerabilities in open-source packages used in applications. These findings highlight potential weaknesses that could be exploited by attackers.
    • BuildIntegrity: Filter value to retrieve findings related to the integrity and security of the build pipeline or the software supply chain. These findings include checks for unauthorized or insecure dependencies, insecure artifact storage, or other issues that could compromise the integrity of the software build process.
    • Secrets: Filter value to retrieve findings related to the handling and management of sensitive information, such as API keys, passwords, or cryptographic keys, within code files. Address these findings to ensure that secrets are properly protected and not exposed in the code or configurations.
    • Licenses: Filter value to retrieve issues related to the non-compliance with license requirements. Open source packages typically include a license that is either restrictive or permissive. Prisma Cloud, by default, identifies and flags instances where open-source software components do not include a license, or are carrying an undesired one. Specifically, licenses not approved by the Open Source Initiative (OSI) or not recognized by the Software Package Data Exchange (SPDX) fall under this undesired category.
    repositories Repository (string)[]

    The repositories filter enables you to retrieve issues related to one or more repositories. You must provide the UUIDs of the repositories that you want to include in the filter. To retrieve the UUID of a repository use the List repository list endpoint. (the id field of the response has the UUID of the repository).

    severities Severity (string)[]

    Possible values: [INFO, LOW, MEDIUM, HIGH, CRITICAL]

    The severity level of the vulnerability or misconfiguration.

    • Critical: Critical severity indicates a high-risk vulnerability or misconfiguration that could lead to significant security breaches or data leaks. These issues require immediate attention and remediation.
    • High: High severity indicates a significant security issue that has the potential to be exploited or result in significant damage if left unaddressed. These findings should be addressed as a priority.
    • Medium: Medium severity indicates issues that pose a potential security risk that are less severe than Critical and High. Remediation of these issues should be prioritized, but they may not require immediate attention.
    • Low: Low severity indicates issues that have a minimal impact on security or are relatively low-risk. While they may not pose an immediate threat, it is still recommended to address them to maintain a robust security posture.
    • Info: Info severity is used for informational findings or recommendations that do not pose an immediate security risk but provide helpful guidance, best practices, or suggestions for optimization. These findings can be considered as part of ongoing security hygiene efforts.
    size double

    The maximum number of results included in the response.

Responses

Errors By Severity

Schema
    data object[]required
  • Array [
  • count stringrequired

    Number of issues at each severity level.

    severity Severity (string)required

    Possible values: [INFO, LOW, MEDIUM, HIGH, CRITICAL]

    The severity level of the vulnerability or misconfiguration.

    • Critical: Critical severity indicates a high-risk vulnerability or misconfiguration that could lead to significant security breaches or data leaks. These issues require immediate attention and remediation.
    • High: High severity indicates a significant security issue that has the potential to be exploited or result in significant damage if left unaddressed. These findings should be addressed as a priority.
    • Medium: Medium severity indicates issues that pose a potential security risk that are less severe than Critical and High. Remediation of these issues should be prioritized, but they may not require immediate attention.
    • Low: Low severity indicates issues that have a minimal impact on security or are relatively low-risk. While they may not pose an immediate threat, it is still recommended to address them to maintain a robust security posture.
    • Info: Info severity is used for informational findings or recommendations that do not pose an immediate security risk but provide helpful guidance, best practices, or suggestions for optimization. These findings can be considered as part of ongoing security hygiene efforts.
  • ]
  • lastScanDate stringrequired

    The time when the last scan was triggered.

Loading...