Get a Risk finding by Id

GET 
/v1/risk-findings/id/:id

Get full risk findings details to enable deeper investigation into data security risks. This call returns a comprehensive list of risk findings details, as is available in the Prisma Cloud DSPM console.

Request

Path Parameters

id stringrequired

Header Parameters

dig-api-key stringrequired

Dig token header

Responses

200

OK

application/json

Schema

Schema

id string
ruleName string
severity string

Possible values: [LOW, MEDIUM, HIGH]

asset object
name string
assetId string
cloudTags object
property name* string
dspmTags object
property name* string[]
Array [
string
]
dataTypes string[]
assetLabels string[]
status string

Possible values: [OPEN, CLOSED, UNIMPORTANT, WRONG, HANDLED, INVESTIGATING]

projectId string
cloudProvider string

Possible values: [AWS, AZURE, GCP, SNOWFLAKE, FILE_SHARE, O365]

cloudEnvironment string

Possible values: [UNKNOWN, DEVELOPMENT, STAGING, TESTING, PRODUCTION]

firstDiscovered date-time
complianceStandards object
property name* string[]
Array [
string
]
riskEvidence object[]
Array [
success boolean
error string
result object
oneOf
AccessEvidenceResult
type string
Possible values: [FILE, SNAPSHOT, CONFIG, FRESHNESS, ACCESS, MALWARE, DATA_FLOW, SHADOW_BACKUP, DATA_TYPE, LABEL, AI_DATASET_PUBLIC, AI_CHAT_HISTORY]
permittedEntities object[]
Array [
id string
project string
cloudAccountInformation object
name string
projectId string
cloudProvider string
Possible values: [AWS, AZURE, GCP, SNOWFLAKE, FILE_SHARE, O365]
cloudEnvironment string
Possible values: [UNKNOWN, DEVELOPMENT, STAGING, TESTING, PRODUCTION]
verifiedVendor boolean
foreign boolean
entityType string
name string
riskIndicators string[]
]
AiDatasetPublicEvidenceResult
type string
Possible values: [FILE, SNAPSHOT, CONFIG, FRESHNESS, ACCESS, MALWARE, DATA_FLOW, SHADOW_BACKUP, DATA_TYPE, LABEL, AI_DATASET_PUBLIC, AI_CHAT_HISTORY]
datasetAsset object
assetId int64
assetName string
projectId string
projectName string
assetRegion string
family string
Possible values: [ANALYTICS, DB, STORAGE, AI]
deploymentType string
Possible values: [MANAGED, UNMANAGED, DBAAS, ONPREM, SAAS]
serviceType string
Possible values: [ATHENA, AURORA, AWS_BACKUP, DOCUMENTDB, DYNAMODB, DAX, EMR, EBS, EFS, ELASTICACHE, FSX, KINESIS_DELIVERY_STREAM, MEMORYDB, NEPTUNE, QLDB, RDS, REDSHIFT, S3, TIMESTREAM, OPENSEARCH, OPENSEARCH_SERVERLESS, COSMOS_DB, SYNAPSE, CACHE_FOR_REDIS, MARIA_DB, MYSQL_SERVER, POSTGRESQL_SERVER, SQL_SERVER, STORAGE_ACCOUNT, SQL_MANAGED_INSTANCE, ANF, CLOUD_STORAGE, CLOUD_SQL, BIG_QUERY, FILE_STORE, CLOUD_SPANNER, MEMORY_STORE, BIG_TABLE, FIRE_STORE, UNMANAGED_AWS_MYSQL, UNMANAGED_AWS_ORACLE_SERVER, UNMANAGED_AWS_MONGO_DB, UNMANAGED_AWS_POSTGRESQL, UNMANAGED_AWS_REDIS, UNMANAGED_AWS_SQLITE, UNMANAGED_AWS_MS_SQL, UNMANAGED_AWS_MARIA_DB, UNMANAGED_AWS_NEO4_J, UNMANAGED_AWS_ELASTIC, UNMANAGED_AWS_COCKROACH_DB, UNMANAGED_AWS_AEROSPIKE, UNMANAGED_AWS_SCYLLA_DB, UNMANAGED_AZURE_MYSQL, UNMANAGED_AZURE_ORACLE_SERVER, UNMANAGED_AZURE_MONGO_DB, UNMANAGED_AZURE_POSTGRESQL, UNMANAGED_AZURE_REDIS, UNMANAGED_AZURE_SQLITE, UNMANAGED_AZURE_MS_SQL, UNMANAGED_AZURE_MARIA_DB, UNMANAGED_AZURE_NEO4_J, UNMANAGED_AZURE_ELASTIC, UNMANAGED_AZURE_COCKROACH_DB, UNMANAGED_AZURE_AEROSPIKE, UNMANAGED_AZURE_SCYLLA_DB, UNMANAGED_GCP_MYSQL, UNMANAGED_GCP_ORACLE_SERVER, UNMANAGED_GCP_MONGO_DB, UNMANAGED_GCP_POSTGRESQL, UNMANAGED_GCP_REDIS, UNMANAGED_GCP_SQLITE, UNMANAGED_GCP_MS_SQL, UNMANAGED_GCP_MARIA_DB, UNMANAGED_GCP_NEO4_J, UNMANAGED_GCP_ELASTIC, UNMANAGED_GCP_COCKROACH_DB, UNMANAGED_GCP_AEROSPIKE, UNMANAGED_GCP_SCYLLA_DB, SNOWFLAKE_DB, FILE_SHARE, ONE_DRIVE, SHARE_POINT, AZURE_OPEN_AI_DEPLOYMENT, VERTEX_ENDPOINT, BEDROCK_PROVISIONED_THROUGHPUT, BEDROCK_AGENT]
snapshotServiceType string
Possible values: [SNAPSHOT_RDS_INSTANCE, SNAPSHOT_FILE_STORE, SNAPSHOT_CLOUD_SPANNER, SNAPSHOT_BIG_TABLE]
cloudEnvironment string
Possible values: [UNKNOWN, DEVELOPMENT, STAGING, TESTING, PRODUCTION]
cloud string
Possible values: [AWS, AZURE, GCP, SNOWFLAKE, FILE_SHARE, O365]
assetTags object
property name* string
assetDspmTags object
property name* string[]
Array [
string
]
assetLabels string[]
assetDataTypes object
property name* int64
ChatHistoryEvidenceResult
type string
Possible values: [FILE, SNAPSHOT, CONFIG, FRESHNESS, ACCESS, MALWARE, DATA_FLOW, SHADOW_BACKUP, DATA_TYPE, LABEL, AI_DATASET_PUBLIC, AI_CHAT_HISTORY]
assets object[]
Array [
assetId int64
assetName string
projectId string
projectName string
assetRegion string
family string
Possible values: [ANALYTICS, DB, STORAGE, AI]
deploymentType string
Possible values: [MANAGED, UNMANAGED, DBAAS, ONPREM, SAAS]
serviceType string
Possible values: [ATHENA, AURORA, AWS_BACKUP, DOCUMENTDB, DYNAMODB, DAX, EMR, EBS, EFS, ELASTICACHE, FSX, KINESIS_DELIVERY_STREAM, MEMORYDB, NEPTUNE, QLDB, RDS, REDSHIFT, S3, TIMESTREAM, OPENSEARCH, OPENSEARCH_SERVERLESS, COSMOS_DB, SYNAPSE, CACHE_FOR_REDIS, MARIA_DB, MYSQL_SERVER, POSTGRESQL_SERVER, SQL_SERVER, STORAGE_ACCOUNT, SQL_MANAGED_INSTANCE, ANF, CLOUD_STORAGE, CLOUD_SQL, BIG_QUERY, FILE_STORE, CLOUD_SPANNER, MEMORY_STORE, BIG_TABLE, FIRE_STORE, UNMANAGED_AWS_MYSQL, UNMANAGED_AWS_ORACLE_SERVER, UNMANAGED_AWS_MONGO_DB, UNMANAGED_AWS_POSTGRESQL, UNMANAGED_AWS_REDIS, UNMANAGED_AWS_SQLITE, UNMANAGED_AWS_MS_SQL, UNMANAGED_AWS_MARIA_DB, UNMANAGED_AWS_NEO4_J, UNMANAGED_AWS_ELASTIC, UNMANAGED_AWS_COCKROACH_DB, UNMANAGED_AWS_AEROSPIKE, UNMANAGED_AWS_SCYLLA_DB, UNMANAGED_AZURE_MYSQL, UNMANAGED_AZURE_ORACLE_SERVER, UNMANAGED_AZURE_MONGO_DB, UNMANAGED_AZURE_POSTGRESQL, UNMANAGED_AZURE_REDIS, UNMANAGED_AZURE_SQLITE, UNMANAGED_AZURE_MS_SQL, UNMANAGED_AZURE_MARIA_DB, UNMANAGED_AZURE_NEO4_J, UNMANAGED_AZURE_ELASTIC, UNMANAGED_AZURE_COCKROACH_DB, UNMANAGED_AZURE_AEROSPIKE, UNMANAGED_AZURE_SCYLLA_DB, UNMANAGED_GCP_MYSQL, UNMANAGED_GCP_ORACLE_SERVER, UNMANAGED_GCP_MONGO_DB, UNMANAGED_GCP_POSTGRESQL, UNMANAGED_GCP_REDIS, UNMANAGED_GCP_SQLITE, UNMANAGED_GCP_MS_SQL, UNMANAGED_GCP_MARIA_DB, UNMANAGED_GCP_NEO4_J, UNMANAGED_GCP_ELASTIC, UNMANAGED_GCP_COCKROACH_DB, UNMANAGED_GCP_AEROSPIKE, UNMANAGED_GCP_SCYLLA_DB, SNOWFLAKE_DB, FILE_SHARE, ONE_DRIVE, SHARE_POINT, AZURE_OPEN_AI_DEPLOYMENT, VERTEX_ENDPOINT, BEDROCK_PROVISIONED_THROUGHPUT, BEDROCK_AGENT]
snapshotServiceType string
Possible values: [SNAPSHOT_RDS_INSTANCE, SNAPSHOT_FILE_STORE, SNAPSHOT_CLOUD_SPANNER, SNAPSHOT_BIG_TABLE]
cloudEnvironment string
Possible values: [UNKNOWN, DEVELOPMENT, STAGING, TESTING, PRODUCTION]
cloud string
Possible values: [AWS, AZURE, GCP, SNOWFLAKE, FILE_SHARE, O365]
assetTags object
property name* string
assetDspmTags object
property name* string[]
Array [
string
]
assetLabels string[]
assetDataTypes object
property name* int64
]
chatHistoryDetails object[]
Array [
region string
project string
projectName string
cloudEnvironment string
Possible values: [UNKNOWN, DEVELOPMENT, STAGING, TESTING, PRODUCTION]
cloudProvider string
Possible values: [AWS, AZURE, GCP, SNOWFLAKE, FILE_SHARE, O365]
]
serviceType string
Possible values: [ATHENA, AURORA, AWS_BACKUP, DOCUMENTDB, DYNAMODB, DAX, EMR, EBS, EFS, ELASTICACHE, FSX, KINESIS_DELIVERY_STREAM, MEMORYDB, NEPTUNE, QLDB, RDS, REDSHIFT, S3, TIMESTREAM, OPENSEARCH, OPENSEARCH_SERVERLESS, COSMOS_DB, SYNAPSE, CACHE_FOR_REDIS, MARIA_DB, MYSQL_SERVER, POSTGRESQL_SERVER, SQL_SERVER, STORAGE_ACCOUNT, SQL_MANAGED_INSTANCE, ANF, CLOUD_STORAGE, CLOUD_SQL, BIG_QUERY, FILE_STORE, CLOUD_SPANNER, MEMORY_STORE, BIG_TABLE, FIRE_STORE, UNMANAGED_AWS_MYSQL, UNMANAGED_AWS_ORACLE_SERVER, UNMANAGED_AWS_MONGO_DB, UNMANAGED_AWS_POSTGRESQL, UNMANAGED_AWS_REDIS, UNMANAGED_AWS_SQLITE, UNMANAGED_AWS_MS_SQL, UNMANAGED_AWS_MARIA_DB, UNMANAGED_AWS_NEO4_J, UNMANAGED_AWS_ELASTIC, UNMANAGED_AWS_COCKROACH_DB, UNMANAGED_AWS_AEROSPIKE, UNMANAGED_AWS_SCYLLA_DB, UNMANAGED_AZURE_MYSQL, UNMANAGED_AZURE_ORACLE_SERVER, UNMANAGED_AZURE_MONGO_DB, UNMANAGED_AZURE_POSTGRESQL, UNMANAGED_AZURE_REDIS, UNMANAGED_AZURE_SQLITE, UNMANAGED_AZURE_MS_SQL, UNMANAGED_AZURE_MARIA_DB, UNMANAGED_AZURE_NEO4_J, UNMANAGED_AZURE_ELASTIC, UNMANAGED_AZURE_COCKROACH_DB, UNMANAGED_AZURE_AEROSPIKE, UNMANAGED_AZURE_SCYLLA_DB, UNMANAGED_GCP_MYSQL, UNMANAGED_GCP_ORACLE_SERVER, UNMANAGED_GCP_MONGO_DB, UNMANAGED_GCP_POSTGRESQL, UNMANAGED_GCP_REDIS, UNMANAGED_GCP_SQLITE, UNMANAGED_GCP_MS_SQL, UNMANAGED_GCP_MARIA_DB, UNMANAGED_GCP_NEO4_J, UNMANAGED_GCP_ELASTIC, UNMANAGED_GCP_COCKROACH_DB, UNMANAGED_GCP_AEROSPIKE, UNMANAGED_GCP_SCYLLA_DB, SNOWFLAKE_DB, FILE_SHARE, ONE_DRIVE, SHARE_POINT, AZURE_OPEN_AI_DEPLOYMENT, VERTEX_ENDPOINT, BEDROCK_PROVISIONED_THROUGHPUT, BEDROCK_AGENT]
ConfigEvidenceResult
type string
Possible values: [FILE, SNAPSHOT, CONFIG, FRESHNESS, ACCESS, MALWARE, DATA_FLOW, SHADOW_BACKUP, DATA_TYPE, LABEL, AI_DATASET_PUBLIC, AI_CHAT_HISTORY]
configurationOptions object
property name* object
DataFlowEvidenceResult
type string
Possible values: [FILE, SNAPSHOT, CONFIG, FRESHNESS, ACCESS, MALWARE, DATA_FLOW, SHADOW_BACKUP, DATA_TYPE, LABEL, AI_DATASET_PUBLIC, AI_CHAT_HISTORY]
flowInfo object
id string
name string
type string
Possible values: [REPLICATION_RULE, S3_REPLICATION_RULE, BIG_QUERY_REPLICATION, CLOUD_STORAGE_REPLICATION, STORAGE_ACCOUNT_REPLICATION_RULE]
destinationAsset object
id string
name string
projectId string
projectName string
cloudEnvironment string
Possible values: [UNKNOWN, DEVELOPMENT, STAGING, TESTING, PRODUCTION]
cloudProvider string
Possible values: [AWS, AZURE, GCP, SNOWFLAKE, FILE_SHARE, O365]
region string
serviceType string
Possible values: [ATHENA, AURORA, AWS_BACKUP, DOCUMENTDB, DYNAMODB, DAX, EMR, EBS, EFS, ELASTICACHE, FSX, KINESIS_DELIVERY_STREAM, MEMORYDB, NEPTUNE, QLDB, RDS, REDSHIFT, S3, TIMESTREAM, OPENSEARCH, OPENSEARCH_SERVERLESS, COSMOS_DB, SYNAPSE, CACHE_FOR_REDIS, MARIA_DB, MYSQL_SERVER, POSTGRESQL_SERVER, SQL_SERVER, STORAGE_ACCOUNT, SQL_MANAGED_INSTANCE, ANF, CLOUD_STORAGE, CLOUD_SQL, BIG_QUERY, FILE_STORE, CLOUD_SPANNER, MEMORY_STORE, BIG_TABLE, FIRE_STORE, UNMANAGED_AWS_MYSQL, UNMANAGED_AWS_ORACLE_SERVER, UNMANAGED_AWS_MONGO_DB, UNMANAGED_AWS_POSTGRESQL, UNMANAGED_AWS_REDIS, UNMANAGED_AWS_SQLITE, UNMANAGED_AWS_MS_SQL, UNMANAGED_AWS_MARIA_DB, UNMANAGED_AWS_NEO4_J, UNMANAGED_AWS_ELASTIC, UNMANAGED_AWS_COCKROACH_DB, UNMANAGED_AWS_AEROSPIKE, UNMANAGED_AWS_SCYLLA_DB, UNMANAGED_AZURE_MYSQL, UNMANAGED_AZURE_ORACLE_SERVER, UNMANAGED_AZURE_MONGO_DB, UNMANAGED_AZURE_POSTGRESQL, UNMANAGED_AZURE_REDIS, UNMANAGED_AZURE_SQLITE, UNMANAGED_AZURE_MS_SQL, UNMANAGED_AZURE_MARIA_DB, UNMANAGED_AZURE_NEO4_J, UNMANAGED_AZURE_ELASTIC, UNMANAGED_AZURE_COCKROACH_DB, UNMANAGED_AZURE_AEROSPIKE, UNMANAGED_AZURE_SCYLLA_DB, UNMANAGED_GCP_MYSQL, UNMANAGED_GCP_ORACLE_SERVER, UNMANAGED_GCP_MONGO_DB, UNMANAGED_GCP_POSTGRESQL, UNMANAGED_GCP_REDIS, UNMANAGED_GCP_SQLITE, UNMANAGED_GCP_MS_SQL, UNMANAGED_GCP_MARIA_DB, UNMANAGED_GCP_NEO4_J, UNMANAGED_GCP_ELASTIC, UNMANAGED_GCP_COCKROACH_DB, UNMANAGED_GCP_AEROSPIKE, UNMANAGED_GCP_SCYLLA_DB, SNOWFLAKE_DB, FILE_SHARE, ONE_DRIVE, SHARE_POINT, AZURE_OPEN_AI_DEPLOYMENT, VERTEX_ENDPOINT, BEDROCK_PROVISIONED_THROUGHPUT, BEDROCK_AGENT]
family string
Possible values: [ANALYTICS, DB, STORAGE, AI]
deploymentType string
Possible values: [MANAGED, UNMANAGED, DBAAS, ONPREM, SAAS]
assetTags object
property name* string
assetDspmTags object
property name* string[]
Array [
string
]
DataTypeEvidenceResult
type string
Possible values: [FILE, SNAPSHOT, CONFIG, FRESHNESS, ACCESS, MALWARE, DATA_FLOW, SHADOW_BACKUP, DATA_TYPE, LABEL, AI_DATASET_PUBLIC, AI_CHAT_HISTORY]
files object[]
Array [
size string
filename string
path string
dataTypes object[]
Array [
name string
label string
count int32
]
deleted boolean
]
filesCount int32
FileEvidenceResult
type string
Possible values: [FILE, SNAPSHOT, CONFIG, FRESHNESS, ACCESS, MALWARE, DATA_FLOW, SHADOW_BACKUP, DATA_TYPE, LABEL, AI_DATASET_PUBLIC, AI_CHAT_HISTORY]
files object[]
Array [
size string
filename string
path string
dataTypes object[]
Array [
name string
label string
count int32
]
openToWorld boolean
deleted boolean
]
filesCount int32
FreshnessEvidenceResult
type string
Possible values: [FILE, SNAPSHOT, CONFIG, FRESHNESS, ACCESS, MALWARE, DATA_FLOW, SHADOW_BACKUP, DATA_TYPE, LABEL, AI_DATASET_PUBLIC, AI_CHAT_HISTORY]
LabelEvidenceResult
type string
Possible values: [FILE, SNAPSHOT, CONFIG, FRESHNESS, ACCESS, MALWARE, DATA_FLOW, SHADOW_BACKUP, DATA_TYPE, LABEL, AI_DATASET_PUBLIC, AI_CHAT_HISTORY]
files object[]
Array [
size string
filename string
path string
dataTypes object[]
Array [
name string
label string
count int32
]
deleted boolean
]
filesCount int32
MalwareEvidenceResult
type string
Possible values: [FILE, SNAPSHOT, CONFIG, FRESHNESS, ACCESS, MALWARE, DATA_FLOW, SHADOW_BACKUP, DATA_TYPE, LABEL, AI_DATASET_PUBLIC, AI_CHAT_HISTORY]
files object[]
Array [
size string
filename string
path string
dataTypes object[]
Array [
name string
label string
count int32
]
malwareFamily object[]
malwareConfidence string
malicious boolean
deleted boolean
]
filesCount int32
ShadowBackupEvidenceResult
type string
Possible values: [FILE, SNAPSHOT, CONFIG, FRESHNESS, ACCESS, MALWARE, DATA_FLOW, SHADOW_BACKUP, DATA_TYPE, LABEL, AI_DATASET_PUBLIC, AI_CHAT_HISTORY]
files object[]
Array [
size string
filename string
path string
dataTypes object[]
Array [
name string
label string
count int32
]
shadowBackup boolean
deleted boolean
]
filesCount int32
SnapshotEvidenceResult
type string
Possible values: [FILE, SNAPSHOT, CONFIG, FRESHNESS, ACCESS, MALWARE, DATA_FLOW, SHADOW_BACKUP, DATA_TYPE, LABEL, AI_DATASET_PUBLIC, AI_CHAT_HISTORY]
id string
region string
service string
originalAssetId string
sharingScope string[]
sizeInGB int32
createdTime string
projectId string
externalLink string
]

Example (from schema)

{
  "id": "string",
  "ruleName": "string",
  "severity": "LOW",
  "asset": {
    "name": "string",
    "assetId": "string",
    "cloudTags": {},
    "dspmTags": {},
    "dataTypes": [
      "string"
    ],
    "assetLabels": [
      "string"
    ]
  },
  "status": "OPEN",
  "projectId": "string",
  "cloudProvider": "AWS",
  "cloudEnvironment": "UNKNOWN",
  "firstDiscovered": "2024-07-29T15:51:28.071Z",
  "complianceStandards": {},
  "riskEvidence": [
    {
      "success": true,
      "error": "string",
      "result": {}
    }
  ]
}

Loading...