Web Security Scanner v1 API - Class Finding (2.2.0)

public sealed class Finding : IMessage<Finding>, IEquatable<Finding>, IDeepCloneable<Finding>, IBufferMessage, IMessage

Reference documentation and code samples for the Web Security Scanner v1 API class Finding.

A Finding resource represents a vulnerability instance identified during a ScanRun.

Inheritance

Object > Finding

Namespace

Google.Cloud.WebSecurityScanner.V1

Assembly

Google.Cloud.WebSecurityScanner.V1.dll

Constructors

Finding()

public Finding()

Finding(Finding)

public Finding(Finding other)
Parameter
NameDescription
otherFinding

Properties

Body

public string Body { get; set; }

Output only. The body of the request that triggered the vulnerability.

Property Value
TypeDescription
String

Description

public string Description { get; set; }

Output only. The description of the vulnerability.

Property Value
TypeDescription
String

FinalUrl

public string FinalUrl { get; set; }

Output only. The URL where the browser lands when the vulnerability is detected.

Property Value
TypeDescription
String

FindingName

public FindingName FindingName { get; set; }

FindingName-typed view over the Name resource name property.

Property Value
TypeDescription
FindingName

FindingType

public string FindingType { get; set; }

Output only. The type of the Finding. Detailed and up-to-date information on findings can be found here: https://cloud.google.com/security-command-center/docs/how-to-remediate-web-security-scanner-findings

Property Value
TypeDescription
String

Form

public Form Form { get; set; }

Output only. An addon containing information reported for a vulnerability with an HTML form, if any.

Property Value
TypeDescription
Form

FrameUrl

public string FrameUrl { get; set; }

Output only. If the vulnerability was originated from nested IFrame, the immediate parent IFrame is reported.

Property Value
TypeDescription
String

FuzzedUrl

public string FuzzedUrl { get; set; }

Output only. The URL produced by the server-side fuzzer and used in the request that triggered the vulnerability.

Property Value
TypeDescription
String

HttpMethod

public string HttpMethod { get; set; }

Output only. The http method of the request that triggered the vulnerability, in uppercase.

Property Value
TypeDescription
String

Name

public string Name { get; set; }

Output only. The resource name of the Finding. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'. The finding IDs are generated by the system.

Property Value
TypeDescription
String

OutdatedLibrary

public OutdatedLibrary OutdatedLibrary { get; set; }

Output only. An addon containing information about outdated libraries.

Property Value
TypeDescription
OutdatedLibrary

ReproductionUrl

public string ReproductionUrl { get; set; }

Output only. The URL containing human-readable payload that user can leverage to reproduce the vulnerability.

Property Value
TypeDescription
String

Severity

public Finding.Types.Severity Severity { get; set; }

Output only. The severity level of the reported vulnerability.

Property Value
TypeDescription
Finding.Types.Severity

TrackingId

public string TrackingId { get; set; }

Output only. The tracking ID uniquely identifies a vulnerability instance across multiple ScanRuns.

Property Value
TypeDescription
String

ViolatingResource

public ViolatingResource ViolatingResource { get; set; }

Output only. An addon containing detailed information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc.

Property Value
TypeDescription
ViolatingResource

VulnerableHeaders

public VulnerableHeaders VulnerableHeaders { get; set; }

Output only. An addon containing information about vulnerable or missing HTTP headers.

Property Value
TypeDescription
VulnerableHeaders

VulnerableParameters

public VulnerableParameters VulnerableParameters { get; set; }

Output only. An addon containing information about request parameters which were found to be vulnerable.

Property Value
TypeDescription
VulnerableParameters

Xss

public Xss Xss { get; set; }

Output only. An addon containing information reported for an XSS, if any.

Property Value
TypeDescription
Xss

Xxe

public Xxe Xxe { get; set; }

Output only. An addon containing information reported for an XXE, if any.

Property Value
TypeDescription
Xxe