@x12i/memorix-retrieval 1.19.0 → 1.20.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (43) hide show
  1. package/catalox-seeds/inputs/entity-descriptors/assets.json +73 -38
  2. package/catalox-seeds/inputs/entity-descriptors/topology-subnets.json +127 -0
  3. package/catalox-seeds/inputs/entity-descriptors/variabilities-groups.json +22 -33
  4. package/catalox-seeds/inputs/entity-descriptors/vulnerabilities.json +19 -30
  5. package/catalox-seeds/inputs/item-descriptors/asset-detail-item.json +20 -6
  6. package/catalox-seeds/inputs/item-descriptors/topology-subnet-detail-item.json +41 -0
  7. package/catalox-seeds/inputs/item-descriptors/variabilities-group-detail-item.json +5 -5
  8. package/catalox-seeds/inputs/item-descriptors/vulnerability-detail-item.json +5 -5
  9. package/catalox-seeds/inputs/list-descriptors/assets-main-list.json +4 -0
  10. package/catalox-seeds/inputs/list-descriptors/critical-vulnerabilities-list.json +5 -5
  11. package/catalox-seeds/inputs/list-descriptors/critical-vulnerabilities-slice.json +1 -1
  12. package/catalox-seeds/inputs/list-descriptors/topology-subnets-main-list.json +23 -0
  13. package/catalox-seeds/inputs/list-descriptors/variabilities-groups-main-list.json +3 -3
  14. package/catalox-seeds/inputs/list-descriptors/vulnerabilities-main-list.json +3 -3
  15. package/catalox-seeds/inputs/memorix-descriptors.bundle.json +328 -330
  16. package/catalox-seeds/inputs/memorix-item-descriptors.catalog.json +16 -16
  17. package/catalox-seeds/inputs/memorix-item-descriptors.items.json +16 -16
  18. package/catalox-seeds/inputs/memorix-list-descriptors.catalog.json +11 -11
  19. package/catalox-seeds/inputs/memorix-list-descriptors.items.json +41 -11
  20. package/catalox-seeds/inputs/memorix-object-type-descriptors.catalog.json +279 -303
  21. package/catalox-seeds/inputs/memorix-object-type-descriptors.items.json +279 -303
  22. package/catalox-seeds/memorix-retrieval-descriptors.manifest.json +411 -147
  23. package/dist/data/record-identity.d.ts +1 -1
  24. package/dist/data/record-identity.d.ts.map +1 -1
  25. package/dist/data/record-identity.js +30 -17
  26. package/dist/data/record-identity.js.map +1 -1
  27. package/dist/seeds/build-manifest.d.ts.map +1 -1
  28. package/dist/seeds/build-manifest.js +29 -1
  29. package/dist/seeds/build-manifest.js.map +1 -1
  30. package/dist/seeds/default-seed-spec.d.ts.map +1 -1
  31. package/dist/seeds/default-seed-spec.js +4 -0
  32. package/dist/seeds/default-seed-spec.js.map +1 -1
  33. package/dist/seeds/merge-for-apply.d.ts.map +1 -1
  34. package/dist/seeds/merge-for-apply.js +3 -1
  35. package/dist/seeds/merge-for-apply.js.map +1 -1
  36. package/dist/tests/collection-parser.test.js +8 -3
  37. package/dist/tests/collection-parser.test.js.map +1 -1
  38. package/dist/tests/seed-manifest.test.js +3 -3
  39. package/dist/tests/seed-manifest.test.js.map +1 -1
  40. package/dist/tests/source-provenance.test.js +14 -8
  41. package/dist/tests/source-provenance.test.js.map +1 -1
  42. package/docs/MEMORIX-DATABASE-CONVENTIONS.md +48 -27
  43. package/package.json +4 -4
@@ -2,22 +2,26 @@
2
2
  {
3
3
  "id": "assets",
4
4
  "entityName": "assets",
5
+ "defaultListDescriptorId": "assets-main-list",
6
+ "defaultItemDescriptorId": "asset-detail-item",
7
+ "target": "entity",
5
8
  "collectionPrefix": "assets",
6
9
  "identity": {
7
10
  "allowedIdFields": [
8
- "entityId",
9
- "eventId"
11
+ "identity.recordId",
12
+ "identity.targetId"
10
13
  ],
11
14
  "requiredExactlyOne": true,
12
- "defaultIdField": "entityId"
15
+ "defaultIdField": "identity.recordId"
13
16
  },
14
17
  "defaults": {
15
18
  "canonicalContentType": "snapshots",
16
19
  "dataRoot": "data",
17
- "effectiveDatePath": "capturedAt",
20
+ "effectiveDatePath": "lifecycle.capturedAt",
18
21
  "fallbackEffectiveDatePaths": [
22
+ "capturedAt",
19
23
  "snapshot.capturedAt",
20
- "data.xdr.last_seen"
24
+ "data.lastSeen"
21
25
  ]
22
26
  },
23
27
  "contentTypes": {
@@ -26,10 +30,11 @@
26
30
  "collection": "assets-snapshots",
27
31
  "dataRoot": "data",
28
32
  "isCanonical": true,
29
- "effectiveDatePath": "capturedAt",
33
+ "effectiveDatePath": "lifecycle.capturedAt",
30
34
  "fallbackEffectiveDatePaths": [
35
+ "capturedAt",
31
36
  "snapshot.capturedAt",
32
- "data.xdr.last_seen"
37
+ "data.lastSeen"
33
38
  ]
34
39
  }
35
40
  },
@@ -38,7 +43,7 @@
38
43
  "label": "IP Address",
39
44
  "source": {
40
45
  "contentType": "snapshots",
41
- "path": "data.ip_address"
46
+ "path": "data.assetIp"
42
47
  },
43
48
  "humanReadable": true,
44
49
  "sortable": true,
@@ -51,7 +56,7 @@
51
56
  "label": "Source",
52
57
  "source": {
53
58
  "contentType": "snapshots",
54
- "path": "data._source"
59
+ "path": "sourceFacts.values._source.rawValue"
55
60
  },
56
61
  "humanReadable": true,
57
62
  "sortable": true,
@@ -64,7 +69,7 @@
64
69
  "label": "Host Name",
65
70
  "source": {
66
71
  "contentType": "snapshots",
67
- "path": "data.xdr.host_name"
72
+ "path": "data.assetName"
68
73
  },
69
74
  "humanReadable": true,
70
75
  "sortable": true,
@@ -77,7 +82,7 @@
77
82
  "label": "XDR Operational Status",
78
83
  "source": {
79
84
  "contentType": "snapshots",
80
- "path": "data.xdr.operational_status"
85
+ "path": "data.operationalStatus"
81
86
  },
82
87
  "humanReadable": true,
83
88
  "sortable": true,
@@ -90,7 +95,7 @@
90
95
  "label": "XDR Agent Status",
91
96
  "source": {
92
97
  "contentType": "snapshots",
93
- "path": "data.xdr.agent_status"
98
+ "path": "data.agentStatus"
94
99
  },
95
100
  "humanReadable": true,
96
101
  "sortable": true,
@@ -103,7 +108,7 @@
103
108
  "label": "Agent Type",
104
109
  "source": {
105
110
  "contentType": "snapshots",
106
- "path": "data.xdr.agent_type"
111
+ "path": "data.agentType"
107
112
  },
108
113
  "humanReadable": true,
109
114
  "sortable": true,
@@ -116,7 +121,7 @@
116
121
  "label": "Last Seen",
117
122
  "source": {
118
123
  "contentType": "snapshots",
119
- "path": "data.xdr.last_seen"
124
+ "path": "data.lastSeen"
120
125
  },
121
126
  "humanReadable": true,
122
127
  "sortable": true,
@@ -125,24 +130,11 @@
125
130
  "item": true,
126
131
  "valueType": "datetime"
127
132
  },
128
- "users": {
129
- "label": "Users",
130
- "source": {
131
- "contentType": "snapshots",
132
- "path": "data.xdr.users"
133
- },
134
- "humanReadable": true,
135
- "sortable": false,
136
- "filterable": true,
137
- "list": true,
138
- "item": true,
139
- "valueType": "array"
140
- },
141
133
  "hasVulnerabilities": {
142
134
  "label": "Has Vulnerabilities",
143
135
  "source": {
144
136
  "contentType": "snapshots",
145
- "path": "data.vulnerabilities.hasVulnerabilities"
137
+ "path": "data.hasVulnerabilities"
146
138
  },
147
139
  "humanReadable": true,
148
140
  "sortable": true,
@@ -155,7 +147,7 @@
155
147
  "label": "Critical Vulnerabilities",
156
148
  "source": {
157
149
  "contentType": "snapshots",
158
- "path": "data.vulnerabilities.count.critical"
150
+ "path": "analytics.vulnerabilities.critical"
159
151
  },
160
152
  "humanReadable": true,
161
153
  "sortable": true,
@@ -168,7 +160,7 @@
168
160
  "label": "High Vulnerabilities",
169
161
  "source": {
170
162
  "contentType": "snapshots",
171
- "path": "data.vulnerabilities.count.high"
163
+ "path": "analytics.vulnerabilities.high"
172
164
  },
173
165
  "humanReadable": true,
174
166
  "sortable": true,
@@ -181,7 +173,7 @@
181
173
  "label": "Medium Vulnerabilities",
182
174
  "source": {
183
175
  "contentType": "snapshots",
184
- "path": "data.vulnerabilities.count.medium"
176
+ "path": "analytics.vulnerabilities.medium"
185
177
  },
186
178
  "humanReadable": true,
187
179
  "sortable": true,
@@ -194,7 +186,7 @@
194
186
  "label": "Low Vulnerabilities",
195
187
  "source": {
196
188
  "contentType": "snapshots",
197
- "path": "data.vulnerabilities.count.low"
189
+ "path": "analytics.vulnerabilities.low"
198
190
  },
199
191
  "humanReadable": true,
200
192
  "sortable": true,
@@ -207,7 +199,7 @@
207
199
  "label": "Potential Impact",
208
200
  "source": {
209
201
  "contentType": "snapshots",
210
- "path": "data.potentialImpact.level"
202
+ "path": "insights.potentialImpact.level"
211
203
  },
212
204
  "humanReadable": true,
213
205
  "sortable": true,
@@ -220,7 +212,7 @@
220
212
  "label": "Impact Confidence",
221
213
  "source": {
222
214
  "contentType": "snapshots",
223
- "path": "data.potentialImpact.confidence"
215
+ "path": "insights.potentialImpact.confidence"
224
216
  },
225
217
  "humanReadable": true,
226
218
  "sortable": true,
@@ -233,7 +225,7 @@
233
225
  "label": "Potential Impact Story",
234
226
  "source": {
235
227
  "contentType": "snapshots",
236
- "path": "data.potentialImpact.story"
228
+ "path": "insights.potentialImpact.story"
237
229
  },
238
230
  "humanReadable": false,
239
231
  "sortable": false,
@@ -246,7 +238,7 @@
246
238
  "label": "Paths Count",
247
239
  "source": {
248
240
  "contentType": "snapshots",
249
- "path": "data.pathsCount"
241
+ "path": "analytics.paths.total"
250
242
  },
251
243
  "humanReadable": true,
252
244
  "sortable": true,
@@ -259,7 +251,7 @@
259
251
  "label": "Raw XDR",
260
252
  "source": {
261
253
  "contentType": "snapshots",
262
- "path": "data.xdr"
254
+ "path": "sourceFacts.values.xdrRaw.rawValue"
263
255
  },
264
256
  "humanReadable": false,
265
257
  "sortable": false,
@@ -275,7 +267,7 @@
275
267
  "type": "oneToMany",
276
268
  "source": {
277
269
  "contentType": "snapshots",
278
- "path": "data.ip_address"
270
+ "path": "data.assetIp"
279
271
  },
280
272
  "target": {
281
273
  "contentType": "snapshots",
@@ -286,54 +278,61 @@
286
278
  "targetFields": [
287
279
  "vulnerabilityId",
288
280
  "pluginName",
289
- "severityLevel",
281
+ "severity",
290
282
  "riskLevel",
291
283
  "priorityScore",
292
- "cveIds"
284
+ "cveId"
293
285
  ]
294
286
  }
295
287
  }
296
288
  },
297
289
  {
298
- "id": "vulnerabilities",
299
- "entityName": "vulnerabilities",
300
- "collectionPrefix": "vulnerabilities",
290
+ "id": "variabilities-groups",
291
+ "entityName": "variabilities-groups",
292
+ "defaultListDescriptorId": "variabilities-groups-main-list",
293
+ "defaultItemDescriptorId": "variabilities-group-detail-item",
294
+ "target": "entity",
295
+ "collectionPrefix": "variabilities-groups",
301
296
  "identity": {
302
297
  "allowedIdFields": [
303
- "entityId",
304
- "eventId"
298
+ "identity.recordId",
299
+ "identity.targetId"
305
300
  ],
306
301
  "requiredExactlyOne": true,
307
- "defaultIdField": "entityId"
302
+ "defaultIdField": "identity.recordId"
308
303
  },
309
304
  "defaults": {
310
305
  "canonicalContentType": "snapshots",
311
306
  "dataRoot": "data",
312
- "effectiveDatePath": "capturedAt",
307
+ "effectiveDatePath": "lifecycle.capturedAt",
313
308
  "fallbackEffectiveDatePaths": [
309
+ "capturedAt",
314
310
  "snapshot.capturedAt",
311
+ "data.enrichedAt",
315
312
  "data.enrichment.enrichedAt"
316
313
  ]
317
314
  },
318
315
  "contentTypes": {
319
316
  "snapshots": {
320
317
  "postfix": "snapshots",
321
- "collection": "vulnerabilities-snapshots",
318
+ "collection": "variabilities-groups-snapshots",
322
319
  "dataRoot": "data",
323
320
  "isCanonical": true,
324
- "effectiveDatePath": "capturedAt",
321
+ "effectiveDatePath": "lifecycle.capturedAt",
325
322
  "fallbackEffectiveDatePaths": [
323
+ "capturedAt",
326
324
  "snapshot.capturedAt",
325
+ "data.enrichedAt",
327
326
  "data.enrichment.enrichedAt"
328
327
  ]
329
328
  }
330
329
  },
331
330
  "properties": {
332
- "vulnerabilityId": {
333
- "label": "Vulnerability ID",
331
+ "groupId": {
332
+ "label": "Group ID",
334
333
  "source": {
335
334
  "contentType": "snapshots",
336
- "path": "data.vulnerabilityId"
335
+ "path": "sourceFacts.values.id.rawValue"
337
336
  },
338
337
  "humanReadable": true,
339
338
  "sortable": true,
@@ -342,11 +341,11 @@
342
341
  "item": true,
343
342
  "valueType": "string"
344
343
  },
345
- "assetIp": {
346
- "label": "Asset IP",
344
+ "type": {
345
+ "label": "Type",
347
346
  "source": {
348
347
  "contentType": "snapshots",
349
- "path": "data.assetIp"
348
+ "path": "sourceFacts.values.type.rawValue"
350
349
  },
351
350
  "humanReadable": true,
352
351
  "sortable": true,
@@ -355,24 +354,24 @@
355
354
  "item": true,
356
355
  "valueType": "string"
357
356
  },
358
- "assetType": {
359
- "label": "Asset Type",
357
+ "pluginId": {
358
+ "label": "Plugin ID",
360
359
  "source": {
361
360
  "contentType": "snapshots",
362
- "path": "data.assetType"
361
+ "path": "sourceFacts.values.plugin_id.rawValue"
363
362
  },
364
363
  "humanReadable": true,
365
364
  "sortable": true,
366
365
  "filterable": true,
367
366
  "list": true,
368
367
  "item": true,
369
- "valueType": "string"
368
+ "valueType": "number"
370
369
  },
371
- "assetZone": {
372
- "label": "Asset Zone",
370
+ "pluginName": {
371
+ "label": "Plugin Name",
373
372
  "source": {
374
373
  "contentType": "snapshots",
375
- "path": "data.assetZone"
374
+ "path": "data.name"
376
375
  },
377
376
  "humanReadable": true,
378
377
  "sortable": true,
@@ -381,11 +380,11 @@
381
380
  "item": true,
382
381
  "valueType": "string"
383
382
  },
384
- "assetHostname": {
385
- "label": "Asset Hostname",
383
+ "pluginFamily": {
384
+ "label": "Plugin Family",
386
385
  "source": {
387
386
  "contentType": "snapshots",
388
- "path": "data.assetHostname"
387
+ "path": "data.vulnerability_family"
389
388
  },
390
389
  "humanReadable": true,
391
390
  "sortable": true,
@@ -394,83 +393,71 @@
394
393
  "item": true,
395
394
  "valueType": "string"
396
395
  },
397
- "pluginId": {
398
- "label": "Plugin ID",
396
+ "severity": {
397
+ "label": "Severity",
399
398
  "source": {
400
399
  "contentType": "snapshots",
401
- "path": "data.pluginId"
400
+ "path": "data.severity"
402
401
  },
403
402
  "humanReadable": true,
404
403
  "sortable": true,
405
404
  "filterable": true,
406
405
  "list": true,
407
406
  "item": true,
408
- "valueType": "number"
407
+ "valueType": "string"
409
408
  },
410
- "pluginName": {
411
- "label": "Plugin Name",
409
+ "affectedEntities": {
410
+ "label": "Affected Entities",
412
411
  "source": {
413
412
  "contentType": "snapshots",
414
- "path": "data.pluginName"
413
+ "path": "associatedData.affectedAssets"
415
414
  },
416
415
  "humanReadable": true,
417
- "sortable": true,
416
+ "sortable": false,
418
417
  "filterable": true,
419
- "list": true,
418
+ "list": false,
420
419
  "item": true,
421
- "valueType": "string"
420
+ "valueType": "array"
422
421
  },
423
- "pluginFamily": {
424
- "label": "Plugin Family",
422
+ "affectedEntitiesCount": {
423
+ "label": "Affected Entities Count",
425
424
  "source": {
426
425
  "contentType": "snapshots",
427
- "path": "data.pluginFamily"
426
+ "path": "associatedData.affectedAssets"
428
427
  },
429
428
  "humanReadable": true,
430
- "sortable": true,
431
- "filterable": true,
429
+ "sortable": false,
430
+ "filterable": false,
432
431
  "list": true,
433
432
  "item": true,
434
- "valueType": "string"
433
+ "valueType": "array",
434
+ "format": "count"
435
435
  },
436
- "severity": {
437
- "label": "Severity",
436
+ "source": {
437
+ "label": "Source",
438
438
  "source": {
439
439
  "contentType": "snapshots",
440
- "path": "data.severity"
440
+ "path": "data.source"
441
441
  },
442
442
  "humanReadable": true,
443
443
  "sortable": true,
444
444
  "filterable": true,
445
- "list": true,
445
+ "list": false,
446
446
  "item": true,
447
447
  "valueType": "string"
448
448
  },
449
- "severityLevel": {
450
- "label": "Severity Level",
449
+ "cveId": {
450
+ "label": "CVE",
451
451
  "source": {
452
452
  "contentType": "snapshots",
453
- "path": "data.severityLevel"
453
+ "path": "data.cveId"
454
454
  },
455
455
  "humanReadable": true,
456
456
  "sortable": true,
457
457
  "filterable": true,
458
458
  "list": true,
459
459
  "item": true,
460
- "valueType": "number"
461
- },
462
- "cveIds": {
463
- "label": "CVEs",
464
- "source": {
465
- "contentType": "snapshots",
466
- "path": "data.cveIds"
467
- },
468
- "humanReadable": true,
469
- "sortable": false,
470
- "filterable": true,
471
- "list": true,
472
- "item": true,
473
- "valueType": "array"
460
+ "valueType": "string"
474
461
  },
475
462
  "riskLevel": {
476
463
  "label": "Risk Level",
@@ -524,19 +511,6 @@
524
511
  "item": true,
525
512
  "valueType": "number"
526
513
  },
527
- "epssPercentile": {
528
- "label": "EPSS Percentile",
529
- "source": {
530
- "contentType": "snapshots",
531
- "path": "data.enrichment.epss.percentile"
532
- },
533
- "humanReadable": true,
534
- "sortable": true,
535
- "filterable": true,
536
- "list": true,
537
- "item": true,
538
- "valueType": "number"
539
- },
540
514
  "knownExploited": {
541
515
  "label": "Known Exploited",
542
516
  "source": {
@@ -576,136 +550,39 @@
576
550
  "item": true,
577
551
  "valueType": "string"
578
552
  },
579
- "exploitabilityScore": {
580
- "label": "Exploitability Score",
581
- "source": {
582
- "contentType": "snapshots",
583
- "path": "data.exploitabilityScore"
584
- },
585
- "humanReadable": true,
586
- "sortable": true,
587
- "filterable": true,
588
- "list": true,
589
- "item": true,
590
- "valueType": "number"
591
- },
592
- "exploitabilityLevel": {
593
- "label": "Exploitability Level",
594
- "source": {
595
- "contentType": "snapshots",
596
- "path": "data.exploitabilityLevel"
597
- },
598
- "humanReadable": true,
599
- "sortable": true,
600
- "filterable": true,
601
- "list": true,
602
- "item": true,
603
- "valueType": "string"
604
- },
605
- "assetMatched": {
606
- "label": "Asset Matched",
607
- "source": {
608
- "contentType": "snapshots",
609
- "path": "data.assetMatched"
610
- },
611
- "humanReadable": true,
612
- "sortable": true,
613
- "filterable": true,
614
- "list": false,
615
- "item": true,
616
- "valueType": "boolean"
617
- },
618
- "networkExposure": {
619
- "label": "Network Exposure",
553
+ "enrichedAt": {
554
+ "label": "Enriched At",
620
555
  "source": {
621
556
  "contentType": "snapshots",
622
- "path": "data.mitreAnalysis.networkContext.exposure"
557
+ "path": "data.enrichedAt"
623
558
  },
624
559
  "humanReadable": true,
625
560
  "sortable": true,
626
561
  "filterable": true,
627
- "list": true,
628
- "item": true,
629
- "valueType": "string"
630
- },
631
- "attackPathCount": {
632
- "label": "Attack Path Count",
633
- "source": {
634
- "contentType": "snapshots",
635
- "path": "data.mitreAnalysis.networkContext.paths.paths"
636
- },
637
- "humanReadable": true,
638
- "sortable": false,
639
- "filterable": false,
640
- "list": false,
641
- "item": true,
642
- "valueType": "array"
643
- },
644
- "mitreTechniques": {
645
- "label": "MITRE Techniques",
646
- "source": {
647
- "contentType": "snapshots",
648
- "path": "data.mitreAnalysis.techniques"
649
- },
650
- "humanReadable": true,
651
- "sortable": false,
652
- "filterable": true,
653
- "list": false,
654
- "item": true,
655
- "valueType": "array"
656
- },
657
- "mitreAnalysis": {
658
- "label": "MITRE Analysis",
659
- "source": {
660
- "contentType": "snapshots",
661
- "path": "data.mitreAnalysis"
662
- },
663
- "humanReadable": false,
664
- "sortable": false,
665
- "filterable": false,
666
562
  "list": false,
667
563
  "item": true,
668
- "valueType": "object"
564
+ "valueType": "datetime"
669
565
  }
670
566
  },
671
567
  "relations": {
672
- "affectedAsset": {
673
- "targetEntity": "assets",
674
- "type": "manyToOne",
675
- "source": {
676
- "contentType": "snapshots",
677
- "path": "data.assetIp"
678
- },
679
- "target": {
680
- "contentType": "snapshots",
681
- "path": "data.ip_address"
682
- },
683
- "defaultMode": "extendFields",
684
- "targetFields": [
685
- "ipAddress",
686
- "hostName",
687
- "xdrOperationalStatus",
688
- "xdrAgentStatus",
689
- "potentialImpactLevel"
690
- ]
691
- },
692
- "vulnerabilityGroup": {
693
- "targetEntity": "variabilities-groups",
694
- "type": "manyToOne",
568
+ "groupVulnerabilities": {
569
+ "targetEntity": "vulnerabilities",
570
+ "type": "oneToMany",
695
571
  "source": {
696
572
  "contentType": "snapshots",
697
- "path": "data.pluginId"
573
+ "path": "sourceFacts.values.plugin_id.rawValue"
698
574
  },
699
575
  "target": {
700
576
  "contentType": "snapshots",
701
- "path": "data.plugin_id"
577
+ "path": "sourceFacts.values.pluginId.rawValue"
702
578
  },
703
- "defaultMode": "extendFields",
579
+ "defaultMode": "array",
580
+ "defaultArrayProperty": "vulnerabilities",
704
581
  "targetFields": [
705
- "groupId",
582
+ "vulnerabilityId",
583
+ "assetIp",
706
584
  "pluginName",
707
- "severityLevel",
708
- "affectedEntitiesCount",
585
+ "severity",
709
586
  "riskLevel",
710
587
  "priorityScore"
711
588
  ]
@@ -713,47 +590,50 @@
713
590
  }
714
591
  },
715
592
  {
716
- "id": "variabilities-groups",
717
- "entityName": "variabilities-groups",
718
- "collectionPrefix": "variabilities-groups",
593
+ "id": "vulnerabilities",
594
+ "entityName": "vulnerabilities",
595
+ "defaultListDescriptorId": "vulnerabilities-main-list",
596
+ "defaultItemDescriptorId": "vulnerability-detail-item",
597
+ "target": "event",
598
+ "collectionPrefix": "vulnerabilities",
719
599
  "identity": {
720
600
  "allowedIdFields": [
721
- "entityId",
722
- "eventId"
601
+ "identity.recordId",
602
+ "identity.targetId"
723
603
  ],
724
604
  "requiredExactlyOne": true,
725
- "defaultIdField": "entityId"
605
+ "defaultIdField": "identity.recordId"
726
606
  },
727
607
  "defaults": {
728
608
  "canonicalContentType": "snapshots",
729
609
  "dataRoot": "data",
730
- "effectiveDatePath": "capturedAt",
610
+ "effectiveDatePath": "lifecycle.capturedAt",
731
611
  "fallbackEffectiveDatePaths": [
612
+ "capturedAt",
732
613
  "snapshot.capturedAt",
733
- "data.enrichedAt",
734
614
  "data.enrichment.enrichedAt"
735
615
  ]
736
616
  },
737
617
  "contentTypes": {
738
618
  "snapshots": {
739
619
  "postfix": "snapshots",
740
- "collection": "variabilities-groups-snapshots",
620
+ "collection": "vulnerabilities-snapshots",
741
621
  "dataRoot": "data",
742
622
  "isCanonical": true,
743
- "effectiveDatePath": "capturedAt",
623
+ "effectiveDatePath": "lifecycle.capturedAt",
744
624
  "fallbackEffectiveDatePaths": [
625
+ "capturedAt",
745
626
  "snapshot.capturedAt",
746
- "data.enrichedAt",
747
627
  "data.enrichment.enrichedAt"
748
628
  ]
749
629
  }
750
630
  },
751
631
  "properties": {
752
- "groupId": {
753
- "label": "Group ID",
632
+ "vulnerabilityId": {
633
+ "label": "Vulnerability ID",
754
634
  "source": {
755
635
  "contentType": "snapshots",
756
- "path": "data.id"
636
+ "path": "sourceFacts.values.vulnerabilityId.rawValue"
757
637
  },
758
638
  "humanReadable": true,
759
639
  "sortable": true,
@@ -762,11 +642,11 @@
762
642
  "item": true,
763
643
  "valueType": "string"
764
644
  },
765
- "type": {
766
- "label": "Type",
645
+ "assetIp": {
646
+ "label": "Asset IP",
767
647
  "source": {
768
648
  "contentType": "snapshots",
769
- "path": "data.type"
649
+ "path": "data.assetIp"
770
650
  },
771
651
  "humanReadable": true,
772
652
  "sortable": true,
@@ -775,24 +655,24 @@
775
655
  "item": true,
776
656
  "valueType": "string"
777
657
  },
778
- "pluginId": {
779
- "label": "Plugin ID",
658
+ "assetType": {
659
+ "label": "Asset Type",
780
660
  "source": {
781
661
  "contentType": "snapshots",
782
- "path": "data.plugin_id"
662
+ "path": "data.assetType"
783
663
  },
784
664
  "humanReadable": true,
785
665
  "sortable": true,
786
666
  "filterable": true,
787
667
  "list": true,
788
668
  "item": true,
789
- "valueType": "number"
669
+ "valueType": "string"
790
670
  },
791
- "pluginName": {
792
- "label": "Plugin Name",
671
+ "assetZone": {
672
+ "label": "Asset Zone",
793
673
  "source": {
794
674
  "contentType": "snapshots",
795
- "path": "data.plugin_name"
675
+ "path": "data.assetZone"
796
676
  },
797
677
  "humanReadable": true,
798
678
  "sortable": true,
@@ -801,11 +681,11 @@
801
681
  "item": true,
802
682
  "valueType": "string"
803
683
  },
804
- "pluginFamily": {
805
- "label": "Plugin Family",
684
+ "assetHostname": {
685
+ "label": "Asset Hostname",
806
686
  "source": {
807
687
  "contentType": "snapshots",
808
- "path": "data.plugin_family"
688
+ "path": "data.assetHostname"
809
689
  },
810
690
  "humanReadable": true,
811
691
  "sortable": true,
@@ -814,84 +694,70 @@
814
694
  "item": true,
815
695
  "valueType": "string"
816
696
  },
817
- "severity": {
818
- "label": "Severity",
697
+ "pluginId": {
698
+ "label": "Plugin ID",
819
699
  "source": {
820
700
  "contentType": "snapshots",
821
- "path": "data.severity"
701
+ "path": "sourceFacts.values.pluginId.rawValue"
822
702
  },
823
703
  "humanReadable": true,
824
704
  "sortable": true,
825
705
  "filterable": true,
826
706
  "list": true,
827
707
  "item": true,
828
- "valueType": "string"
708
+ "valueType": "number"
829
709
  },
830
- "severityLevel": {
831
- "label": "Severity Level",
710
+ "pluginName": {
711
+ "label": "Plugin Name",
832
712
  "source": {
833
713
  "contentType": "snapshots",
834
- "path": "data.severity_level"
714
+ "path": "data.vulnerabilityName"
835
715
  },
836
716
  "humanReadable": true,
837
717
  "sortable": true,
838
718
  "filterable": true,
839
719
  "list": true,
840
720
  "item": true,
841
- "valueType": "number"
721
+ "valueType": "string"
842
722
  },
843
- "affectedEntities": {
844
- "label": "Affected Entities",
723
+ "pluginFamily": {
724
+ "label": "Plugin Family",
845
725
  "source": {
846
726
  "contentType": "snapshots",
847
- "path": "data.affected_entities"
727
+ "path": "data.vulnerabilityFamily"
848
728
  },
849
729
  "humanReadable": true,
850
- "sortable": false,
730
+ "sortable": true,
851
731
  "filterable": true,
852
- "list": false,
853
- "item": true,
854
- "valueType": "array"
855
- },
856
- "affectedEntitiesCount": {
857
- "label": "Affected Entities Count",
858
- "source": {
859
- "contentType": "snapshots",
860
- "path": "data.affected_entities"
861
- },
862
- "humanReadable": true,
863
- "sortable": false,
864
- "filterable": false,
865
732
  "list": true,
866
733
  "item": true,
867
- "valueType": "array",
868
- "format": "count"
734
+ "valueType": "string"
869
735
  },
870
- "source": {
871
- "label": "Source",
736
+ "severity": {
737
+ "label": "Severity",
872
738
  "source": {
873
739
  "contentType": "snapshots",
874
- "path": "data.source"
740
+ "path": "data.severity"
875
741
  },
876
742
  "humanReadable": true,
877
743
  "sortable": true,
878
744
  "filterable": true,
879
- "list": false,
745
+ "list": true,
880
746
  "item": true,
881
747
  "valueType": "string"
882
748
  },
883
- "cveIds": {
884
- "label": "CVEs",
749
+ "cveId": {
750
+ "label": "CVE",
885
751
  "source": {
886
752
  "contentType": "snapshots",
887
- "path": "data.cveIds"
753
+ "path": "data.cveId"
888
754
  },
889
755
  "humanReadable": true,
890
- "sortable": false,
756
+ "sortable": true,
891
757
  "filterable": true,
892
758
  "list": true,
893
759
  "item": true,
894
- "valueType": "array"
760
+ "valueType": "string"
895
761
  },
896
762
  "riskLevel": {
897
763
  "label": "Risk Level",
@@ -945,6 +811,19 @@
945
811
  "item": true,
946
812
  "valueType": "number"
947
813
  },
814
+ "epssPercentile": {
815
+ "label": "EPSS Percentile",
816
+ "source": {
817
+ "contentType": "snapshots",
818
+ "path": "data.enrichment.epss.percentile"
819
+ },
820
+ "humanReadable": true,
821
+ "sortable": true,
822
+ "filterable": true,
823
+ "list": true,
824
+ "item": true,
825
+ "valueType": "number"
826
+ },
948
827
  "knownExploited": {
949
828
  "label": "Known Exploited",
950
829
  "source": {
@@ -984,39 +863,136 @@
984
863
  "item": true,
985
864
  "valueType": "string"
986
865
  },
987
- "enrichedAt": {
988
- "label": "Enriched At",
866
+ "exploitabilityScore": {
867
+ "label": "Exploitability Score",
989
868
  "source": {
990
869
  "contentType": "snapshots",
991
- "path": "data.enrichedAt"
870
+ "path": "data.exploitabilityScore"
871
+ },
872
+ "humanReadable": true,
873
+ "sortable": true,
874
+ "filterable": true,
875
+ "list": true,
876
+ "item": true,
877
+ "valueType": "number"
878
+ },
879
+ "exploitabilityLevel": {
880
+ "label": "Exploitability Level",
881
+ "source": {
882
+ "contentType": "snapshots",
883
+ "path": "data.exploitabilityLevel"
884
+ },
885
+ "humanReadable": true,
886
+ "sortable": true,
887
+ "filterable": true,
888
+ "list": true,
889
+ "item": true,
890
+ "valueType": "string"
891
+ },
892
+ "assetMatched": {
893
+ "label": "Asset Matched",
894
+ "source": {
895
+ "contentType": "snapshots",
896
+ "path": "data.assetMatched"
992
897
  },
993
898
  "humanReadable": true,
994
899
  "sortable": true,
995
900
  "filterable": true,
996
901
  "list": false,
997
902
  "item": true,
998
- "valueType": "datetime"
903
+ "valueType": "boolean"
904
+ },
905
+ "networkExposure": {
906
+ "label": "Network Exposure",
907
+ "source": {
908
+ "contentType": "snapshots",
909
+ "path": "data.mitreAnalysis.networkContext.exposure"
910
+ },
911
+ "humanReadable": true,
912
+ "sortable": true,
913
+ "filterable": true,
914
+ "list": true,
915
+ "item": true,
916
+ "valueType": "string"
917
+ },
918
+ "attackPathCount": {
919
+ "label": "Attack Path Count",
920
+ "source": {
921
+ "contentType": "snapshots",
922
+ "path": "data.mitreAnalysis.networkContext.paths.paths"
923
+ },
924
+ "humanReadable": true,
925
+ "sortable": false,
926
+ "filterable": false,
927
+ "list": false,
928
+ "item": true,
929
+ "valueType": "array"
930
+ },
931
+ "mitreTechniques": {
932
+ "label": "MITRE Techniques",
933
+ "source": {
934
+ "contentType": "snapshots",
935
+ "path": "data.mitreAnalysis.techniques"
936
+ },
937
+ "humanReadable": true,
938
+ "sortable": false,
939
+ "filterable": true,
940
+ "list": false,
941
+ "item": true,
942
+ "valueType": "array"
943
+ },
944
+ "mitreAnalysis": {
945
+ "label": "MITRE Analysis",
946
+ "source": {
947
+ "contentType": "snapshots",
948
+ "path": "data.mitreAnalysis"
949
+ },
950
+ "humanReadable": false,
951
+ "sortable": false,
952
+ "filterable": false,
953
+ "list": false,
954
+ "item": true,
955
+ "valueType": "object"
999
956
  }
1000
957
  },
1001
958
  "relations": {
1002
- "groupVulnerabilities": {
1003
- "targetEntity": "vulnerabilities",
1004
- "type": "oneToMany",
959
+ "affectedAsset": {
960
+ "targetEntity": "assets",
961
+ "type": "manyToOne",
1005
962
  "source": {
1006
963
  "contentType": "snapshots",
1007
- "path": "data.plugin_id"
964
+ "path": "data.assetIp"
1008
965
  },
1009
966
  "target": {
1010
967
  "contentType": "snapshots",
1011
- "path": "data.pluginId"
968
+ "path": "data.assetIp"
1012
969
  },
1013
- "defaultMode": "array",
1014
- "defaultArrayProperty": "vulnerabilities",
970
+ "defaultMode": "extendFields",
1015
971
  "targetFields": [
1016
- "vulnerabilityId",
1017
- "assetIp",
972
+ "ipAddress",
973
+ "hostName",
974
+ "xdrOperationalStatus",
975
+ "xdrAgentStatus",
976
+ "potentialImpactLevel"
977
+ ]
978
+ },
979
+ "vulnerabilityGroup": {
980
+ "targetEntity": "variabilities-groups",
981
+ "type": "manyToOne",
982
+ "source": {
983
+ "contentType": "snapshots",
984
+ "path": "sourceFacts.values.pluginId.rawValue"
985
+ },
986
+ "target": {
987
+ "contentType": "snapshots",
988
+ "path": "sourceFacts.values.plugin_id.rawValue"
989
+ },
990
+ "defaultMode": "extendFields",
991
+ "targetFields": [
992
+ "groupId",
1018
993
  "pluginName",
1019
- "severityLevel",
994
+ "severity",
995
+ "affectedEntitiesCount",
1020
996
  "riskLevel",
1021
997
  "priorityScore"
1022
998
  ]