Classes
Access
Represents an access event.
Application
Represents an application associated with a finding.
AttackExposure
An attack exposure contains the results of an attack path simulation run.
AttackExposure.Types
Container for nested types declared in the AttackExposure message type.
AttackPath
A path that an attacker could take to reach an exposed resource.
AttackPath.Types
Container for nested types declared in the AttackPath message type.
AttackPath.Types.AttackPathEdge
Represents a connection between a source node and a destination node in this attack path.
AttackPath.Types.AttackPathNode
Represents one point that an attacker passes through in this attack path.
AttackPath.Types.AttackPathNode.Types
Container for nested types declared in the AttackPathNode message type.
AttackPath.Types.AttackPathNode.Types.AttackStepNode
Detailed steps the attack can take between path nodes.
AttackPath.Types.AttackPathNode.Types.PathNodeAssociatedFinding
A finding that is associated with this node in the attack path.
AttackPathName
Resource name for the AttackPath
resource.
BackupDisasterRecovery
Information related to Google Cloud Backup and DR Service findings.
BatchCreateResourceValueConfigsRequest
Request message to create multiple resource value configs
BatchCreateResourceValueConfigsResponse
Response message for BatchCreateResourceValueConfigs
BigQueryExport
Configures how to deliver Findings to BigQuery Instance.
BigQueryExportName
Resource name for the BigQueryExport
resource.
BulkMuteFindingsRequest
Request message for bulk findings update.
Note:
- If multiple bulk update requests match the same resource, the order in which they get executed is not defined.
- Once a bulk operation is started, there is no way to stop it.
BulkMuteFindingsResponse
The response to a BulkMute request. Contains the LRO information.
CloudDlpDataProfile
The data profile associated with the finding.
CloudDlpDataProfile.Types
Container for nested types declared in the CloudDlpDataProfile message type.
CloudDlpInspection
Details about the Cloud Data Loss Prevention (Cloud DLP) inspection job that produced the finding.
CloudLoggingEntry
Metadata taken from a Cloud Logging LogEntry
Compliance
Contains compliance information about a security standard indicating unmet recommendations.
Connection
Contains information about the IP connection associated with the finding.
Connection.Types
Container for nested types declared in the Connection message type.
Contact
The email address of a contact.
ContactDetails
Details about specific contacts
Container
Container associated with the finding.
CreateBigQueryExportRequest
Request message for creating a BigQuery export.
CreateFindingRequest
Request message for creating a finding.
CreateMuteConfigRequest
Request message for creating a mute config.
CreateNotificationConfigRequest
Request message for creating a notification config.
CreateResourceValueConfigRequest
Request message to create single resource value config
CreateSourceRequest
Request message for creating a source.
Cve
CVE stands for Common Vulnerabilities and Exposures. Information from the CVE record that describes this vulnerability.
Cve.Types
Container for nested types declared in the Cve message type.
Cvssv3
Common Vulnerability Scoring System version 3.
Cvssv3.Types
Container for nested types declared in the Cvssv3 message type.
Database
Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the full resource name populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided.
DeleteBigQueryExportRequest
Request message for deleting a BigQuery export.
DeleteMuteConfigRequest
Request message for deleting a mute config. If no location is specified, default is global.
DeleteNotificationConfigRequest
Request message for deleting a notification config.
DeleteResourceValueConfigRequest
Request message to delete resource value config
DlpJobName
Resource name for the DlpJob
resource.
EnvironmentVariable
A name-value pair representing an environment variable used in an operating system process.
ExfilResource
Resource where data was exfiltrated from or exfiltrated to.
Exfiltration
Exfiltration represents a data exfiltration attempt from one or more sources
to one or more targets. The sources
attribute lists the sources of the
exfiltrated data. The targets
attribute lists the destinations the data was
copied to.
ExternalSystem
Representation of third party SIEM/SOAR fields within SCC.
ExternalSystem.Types
Container for nested types declared in the ExternalSystem message type.
ExternalSystem.Types.TicketInfo
Information about the ticket, if any, that is being used to track the resolution of the issue that is identified by this finding.
ExternalSystemName
Resource name for the ExternalSystem
resource.
File
File information about the related binary/library used by an executable, or the script used by a script interpreter
File.Types
Container for nested types declared in the File message type.
File.Types.DiskPath
Path of the file in terms of underlying disk/partition identifiers.
Finding
Security Command Center finding.
A finding is a record of assessment data like security, risk, health, or privacy, that is ingested into Security Command Center for presentation, notification, analysis, policy testing, and enforcement. For example, a cross-site scripting (XSS) vulnerability in an App Engine application is a finding.
Finding.Types
Container for nested types declared in the Finding message type.
FindingName
Resource name for the Finding
resource.
FolderLocationName
Resource name for the FolderLocation
resource.
Geolocation
Represents a geographical location for a given access.
GetBigQueryExportRequest
Request message for retrieving a BigQuery export.
GetMuteConfigRequest
Request message for retrieving a mute config. If no location is specified, default is global.
GetNotificationConfigRequest
Request message for getting a notification config.
GetResourceValueConfigRequest
Request message to get resource value config
GetSimulationRequest
Request message for getting simulation. Simulation name can include "latest" to retrieve the latest simulation For example, "organizations/123/simulations/latest"
GetSourceRequest
Request message for getting a source.
GetValuedResourceRequest
Request message for getting a valued resource.
GroupFindingsRequest
Request message for grouping by findings.
GroupFindingsResponse
Response message for group by findings.
GroupResult
Result containing the properties and count of a groupBy request.
IamBinding
Represents a particular IAM binding, which captures a member's role addition, removal, or state.
IamBinding.Types
Container for nested types declared in the IamBinding message type.
Indicator
Represents what's commonly known as an indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. For more information, see Indicator of compromise.
Indicator.Types
Container for nested types declared in the Indicator message type.
Indicator.Types.ProcessSignature
Indicates what signature matched this process.
Indicator.Types.ProcessSignature.Types
Container for nested types declared in the ProcessSignature message type.
Indicator.Types.ProcessSignature.Types.MemoryHashSignature
A signature corresponding to memory page hashes.
Indicator.Types.ProcessSignature.Types.MemoryHashSignature.Types
Container for nested types declared in the MemoryHashSignature message type.
Indicator.Types.ProcessSignature.Types.MemoryHashSignature.Types.Detection
Memory hash detection contributing to the binary family match.
Indicator.Types.ProcessSignature.Types.YaraRuleSignature
A signature corresponding to a YARA rule.
KernelRootkit
Kernel mode rootkit signatures.
Kubernetes
Kubernetes-related attributes.
Kubernetes.Types
Container for nested types declared in the Kubernetes message type.
Kubernetes.Types.AccessReview
Conveys information about a Kubernetes access review (such as one returned
by a kubectl auth
can-i
command) that was involved in a finding.
Kubernetes.Types.Binding
Represents a Kubernetes RoleBinding or ClusterRoleBinding.
Kubernetes.Types.Node
Kubernetes nodes associated with the finding.
Kubernetes.Types.NodePool
Provides GKE node pool information.
Kubernetes.Types.Object
Kubernetes object related to the finding, uniquely identified by GKNN. Used if the object Kind is not one of Pod, Node, NodePool, Binding, or AccessReview.
Kubernetes.Types.Pod
A Kubernetes Pod.
Kubernetes.Types.Role
Kubernetes Role or ClusterRole.
Kubernetes.Types.Role.Types
Container for nested types declared in the Role message type.
Kubernetes.Types.Subject
Represents a Kubernetes subject.
Kubernetes.Types.Subject.Types
Container for nested types declared in the Subject message type.
Label
Represents a generic name-value label. A label has separate name and value
fields to support filtering with the contains()
function. For more
information, see Filtering on array-type
fields.
ListAttackPathsRequest
Request message for listing the attack paths for a given simulation or valued resource.
ListAttackPathsResponse
Response message for listing the attack paths for a given simulation or valued resource.
ListBigQueryExportsRequest
Request message for listing BigQuery exports at a given scope e.g. organization, folder or project.
ListBigQueryExportsResponse
Response message for listing BigQuery exports.
ListFindingsRequest
Request message for listing findings.
ListFindingsResponse
Response message for listing findings.
ListFindingsResponse.Types
Container for nested types declared in the ListFindingsResponse message type.
ListFindingsResponse.Types.ListFindingsResult
Result containing the Finding.
ListFindingsResponse.Types.ListFindingsResult.Types
Container for nested types declared in the ListFindingsResult message type.
ListFindingsResponse.Types.ListFindingsResult.Types.Resource
Information related to the Google Cloud resource that is associated with this finding.
ListMuteConfigsRequest
Request message for listing mute configs at a given scope e.g. organization, folder or project. If no location is specified, default is global.
ListMuteConfigsResponse
Response message for listing mute configs.
ListNotificationConfigsRequest
Request message for listing notification configs.
ListNotificationConfigsResponse
Response message for listing notification configs.
ListResourceValueConfigsRequest
Request message to list resource value configs of a parent
ListResourceValueConfigsResponse
Response message to list resource value configs
ListSourcesRequest
Request message for listing sources.
ListSourcesResponse
Response message for listing sources.
ListValuedResourcesRequest
Request message for listing the valued resources for a given simulation.
ListValuedResourcesResponse
Response message for listing the valued resources for a given simulation.
LoadBalancer
Contains information related to the load balancer associated with the finding.
LogEntry
An individual entry in a log.
MitreAttack
MITRE ATT&CK tactics and techniques related to this finding. See: https://attack.mitre.org
MitreAttack.Types
Container for nested types declared in the MitreAttack message type.
MuteConfig
A mute config is a Cloud SCC resource that contains the configuration to mute create/update events of findings.
MuteConfig.Types
Container for nested types declared in the MuteConfig message type.
MuteConfigName
Resource name for the MuteConfig
resource.
NotificationConfig
Cloud Security Command Center (Cloud SCC) notification configs.
A notification config is a Cloud SCC resource that contains the configuration to send notifications for create/update events of findings, assets and etc.
NotificationConfig.Types
Container for nested types declared in the NotificationConfig message type.
NotificationConfig.Types.StreamingConfig
The config for streaming-based notifications, which send each event as soon as it is detected.
NotificationConfigName
Resource name for the NotificationConfig
resource.
NotificationMessage
Cloud SCC's Notification
OrgPolicy
Contains information about the org policies associated with the finding.
OrganizationLocationName
Resource name for the OrganizationLocation
resource.
Package
Package is a generic definition of a package.
PolicyName
Resource name for the Policy
resource.
Process
Represents an operating system process.
Reference
Additional Links
Resource
Information related to the Google Cloud resource.
ResourceValueConfig
A resource value config (RVC) is a mapping configuration of user's resources to resource values. Used in Attack path simulations.
ResourceValueConfig.Types
Container for nested types declared in the ResourceValueConfig message type.
ResourceValueConfig.Types.SensitiveDataProtectionMapping
Resource value mapping for Sensitive Data Protection findings If any of these mappings have a resource value that is not unspecified, the resource_value field will be ignored when reading this configuration.
ResourceValueConfigMetadata
Metadata about a ResourceValueConfig. For example, id and name.
ResourceValueConfigName
Resource name for the ResourceValueConfig
resource.
SecurityBulletin
SecurityBulletin are notifications of vulnerabilities of Google products.
SecurityCenter
V2 APIs for Security Center service.
SecurityCenter.SecurityCenterBase
Base class for server-side implementations of SecurityCenter
SecurityCenter.SecurityCenterClient
Client for SecurityCenter
SecurityCenterClient
SecurityCenter client wrapper, for convenient use.
SecurityCenterClientBuilder
Builder class for SecurityCenterClient to provide simple configuration of credentials, endpoint etc.
SecurityCenterClientImpl
SecurityCenter client wrapper implementation, for convenient use.
SecurityCenterSettings
Settings for SecurityCenterClient instances.
SecurityMarks
User specified security marks that are attached to the parent Security Command Center resource. Security marks are scoped within a Security Command Center organization -- they can be modified and viewed by all users who have proper permissions on the organization.
SecurityMarksName
Resource name for the SecurityMarks
resource.
SecurityPosture
Represents a posture that is deployed on Google Cloud by the Security Command Center Posture Management service. A posture contains one or more policy sets. A policy set is a group of policies that enforce a set of security rules on Google Cloud.
SecurityPosture.Types
Container for nested types declared in the SecurityPosture message type.
SecurityPosture.Types.PolicyDriftDetails
The policy field that violates the deployed posture and its expected and detected values.
ServiceAccountDelegationInfo
Identity delegation history of an authenticated service account.
SetFindingStateRequest
Request message for updating a finding's state.
SetMuteRequest
Request message for updating a finding's mute status.
Simulation
Attack path simulation
SimulationName
Resource name for the Simulation
resource.
Source
Security Command Center finding source. A finding source is an entity or a mechanism that can produce a finding. A source is like a container of findings that come from the same scanner, logger, monitor, and other tools.
SourceName
Resource name for the Source
resource.
TableDataProfileName
Resource name for the TableDataProfile
resource.
TopicName
Resource name for the Topic
resource.
UpdateBigQueryExportRequest
Request message for updating a BigQuery export.
UpdateExternalSystemRequest
Request message for updating a ExternalSystem resource.
UpdateFindingRequest
Request message for updating or creating a finding.
UpdateMuteConfigRequest
Request message for updating a mute config.
UpdateNotificationConfigRequest
Request message for updating a notification config.
UpdateResourceValueConfigRequest
Request message to update resource value config
UpdateSecurityMarksRequest
Request message for updating a SecurityMarks resource.
UpdateSourceRequest
Request message for updating a source.
ValuedResource
A resource that is determined to have value to a user's system
ValuedResource.Types
Container for nested types declared in the ValuedResource message type.
ValuedResourceName
Resource name for the ValuedResource
resource.
Vulnerability
Refers to common vulnerability fields e.g. cve, cvss, cwe etc.
Enums
AttackExposure.Types.State
This enum defines the various states an AttackExposure can be in.
AttackPath.Types.AttackPathNode.Types.NodeType
The type of the incoming attack step node.
AttackPathName.ResourceNameType
The possible contents of AttackPathName.
BigQueryExportName.ResourceNameType
The possible contents of BigQueryExportName.
CloudDlpDataProfile.Types.ParentType
Parents for configurations that produce data profile findings.
Connection.Types.Protocol
IANA Internet Protocol Number such as TCP(6) and UDP(17).
Cve.Types.ExploitationActivity
The possible values of exploitation activity of the vulnerability in the wild.
Cve.Types.RiskRating
The possible values of impact of the vulnerability if it was to be exploited.
Cvssv3.Types.AttackComplexity
This metric describes the conditions beyond the attacker's control that must exist in order to exploit the vulnerability.
Cvssv3.Types.AttackVector
This metric reflects the context by which vulnerability exploitation is possible.
Cvssv3.Types.Impact
The Impact metrics capture the effects of a successfully exploited vulnerability on the component that suffers the worst outcome that is most directly and predictably associated with the attack.
Cvssv3.Types.PrivilegesRequired
This metric describes the level of privileges an attacker must possess before successfully exploiting the vulnerability.
Cvssv3.Types.Scope
The Scope metric captures whether a vulnerability in one vulnerable component impacts resources in components beyond its security scope.
Cvssv3.Types.UserInteraction
This metric captures the requirement for a human user, other than the attacker, to participate in the successful compromise of the vulnerable component.
DlpJobName.ResourceNameType
The possible contents of DlpJobName.
ExternalSystemName.ResourceNameType
The possible contents of ExternalSystemName.
Finding.Types.FindingClass
Represents what kind of Finding it is.
Finding.Types.Mute
Mute state a finding can be in.
Finding.Types.Severity
The severity of the finding.
Finding.Types.State
The state of the finding.
FindingName.ResourceNameType
The possible contents of FindingName.
FolderLocationName.ResourceNameType
The possible contents of FolderLocationName.
IamBinding.Types.Action
The type of action performed on a Binding in a policy.
Indicator.Types.ProcessSignature.SignatureOneofCase
Enum of possible cases for the "signature" oneof.
Indicator.Types.ProcessSignature.Types.SignatureType
Possible resource types to be associated with a signature.
Kubernetes.Types.Role.Types.Kind
Types of Kubernetes roles.
Kubernetes.Types.Subject.Types.AuthType
Auth types that can be used for the subject's kind field.
LogEntry.LogEntryOneofCase
Enum of possible cases for the "log_entry" oneof.
MitreAttack.Types.Tactic
MITRE ATT&CK tactics that can be referenced by SCC findings. See: https://attack.mitre.org/tactics/enterprise/
MitreAttack.Types.Technique
MITRE ATT&CK techniques that can be referenced by SCC findings. See: https://attack.mitre.org/techniques/enterprise/ Next ID: 59
MuteConfig.Types.MuteConfigType
The type of MuteConfig.
MuteConfigName.ResourceNameType
The possible contents of MuteConfigName.
NotificationConfig.NotifyConfigOneofCase
Enum of possible cases for the "notify_config" oneof.
NotificationConfigName.ResourceNameType
The possible contents of NotificationConfigName.
NotificationMessage.EventOneofCase
Enum of possible cases for the "event" oneof.
OrganizationLocationName.ResourceNameType
The possible contents of OrganizationLocationName.
PolicyName.ResourceNameType
The possible contents of PolicyName.
ResourceValue
Value enum to map to a resource
ResourceValueConfigName.ResourceNameType
The possible contents of ResourceValueConfigName.
SecurityMarksName.ResourceNameType
The possible contents of SecurityMarksName.
SimulationName.ResourceNameType
The possible contents of SimulationName.
SourceName.ResourceNameType
The possible contents of SourceName.
TableDataProfileName.ResourceNameType
The possible contents of TableDataProfileName.
TopicName.ResourceNameType
The possible contents of TopicName.
ValuedResource.Types.ResourceValue
How valuable the resource is.
ValuedResourceName.ResourceNameType
The possible contents of ValuedResourceName.