getIssueGraph
getIssueGraph API
The getIssueGraph API retrieves the attack path graph for a specific security issue identified during a scan. This graph visualizes the relationships between vulnerabilities, affected components, and their connections within the organization's environment. It helps security teams understand how an issue can be exploited, assess its impact, and prioritize remediation efforts effectively.
With this API, you can:
Visualize the attack path: Retrieve a graphical representation of how a security issue propagates through dependencies, services, and infrastructure.
Analyze relationships and impact: Identify connections between vulnerabilities, affected components, and potential exploit paths within your organization.
Enhance remediation strategies: Use the attack path insights to prioritize and mitigate security risks effectively.
Type
Query
Query Example
Parameters
Parameter
Type
Description
issueId
String!
The ID of the issue for which you want to present the attack path.
Request object variables
Object Variable
Type
Description
edges
[Edge!]!
nodes
[Node!]!
edges object variables
edges object variablesObject Variable
Type
Description
id
Float!
Unique identifier for the edge.
metaData
JSON
Additional metadata associated with the edge.
source
Float!
Identifier of the source node in the graph.
target
Float!
Identifier of the target node in the graph.
type
EdgeType!
Specifies the type of edge connecting two nodes
nodes object variables
nodes object variablesObject Variable
Type
Description
Value
id
Float!
Unique identifier for the node.
metaData
JSON!
Additional metadata associated with the node.
type
NodeType!
Node type values
Root: Represents the root node in a hierarchical or graph structure. IssueOwner: Identifies the owner responsible for addressing an issue. Language: Represents a programming language or technology stack. FirstSeen: Timestamp or indicator for when an entity was first detected. Oscar: Refers to an OSC&R (Open Source Cybersecurity & Risk) framework component. OscarItem: A specific item or technique within the OSC&R framework. Cwe: Common Weakness Enumeration (CWE) category representing a type of vulnerability. CweItem: A specific CWE identifier detailing a vulnerability type. Compliance: Represents compliance standards or frameworks. ComplianceItem: A specific compliance rule, requirement, or control. SeverityFactor: A contributing factor to the severity rating of an issue. SeverityFactorChange: The severity factor impact. SeverityFactorCategory: Groups severity factors into broader risk categories. Commit: Represents a code commit in a version control system. CommitItem: Specific details of a code commit, such as author or changes. CommitItemCommitBy: Identifies the user who made a code commit. User: Represents an individual user in a system. UserItem: Details about a specific user. Repos: Collection of repositories in a version control system. ReposItem: Specific details about a repository. Artifact: Represents a built or deployed artifact in a software pipeline. ArtifactItem: Specific details about an artifact, such as version and dependencies. CommitItemCommitDate: Timestamp indicating when a code commit was made. CommitItemCommitReviewedBy: Identifies the user who reviewed a commit. CommitItemFile: Represents a file changed in a commit. Library: Represents a software library or package. Popularity: Represents the popularity or usage metrics of a library or package. Maintenance: Represents the maintenance status or activity level of a package. License: Represents the software license associated with a package or library. Action: Represents an action taken in response to an event. Slack: Represents a Slack integration or notification. SlackItem: Specific details of a Slack message or event. JiraTicket: Represents a Jira ticket for issue tracking. JiraTicketItem: Specific details of a Jira ticket. Pr: Represents a pull request (PR) in a version control system. PrItem: Specific details about a pull request. App: Represents an application in a system. BusinessPriority: Represents the business priority assigned to an application. AppLink: Represents a link associated with an application. AppLanguage: Represents the programming language(s) used in an application. Link: Represents a generic hyperlink reference. Tag: Represents a tag used for categorization or classification. TagItem: Specific details of a tag, such as metadata. Cve: Represents a Common Vulnerabilities and Exposures (CVE) entry. CveItem: Specific details about a CVE, including severity. Detection: Represents a security detection or finding. Intelligence: Represents threat intelligence data or analysis. Saas: Represents a Software as a Service (SaaS) application. Api: Represents an API (Application Programming Interface). ApiFileName: Represents the filename associated with an API definition. ApiFramework: Represents the framework used to develop an API. ApiFunction: Represents a specific function within an API. ApiLink: Represents a reference link for an API. ApiSource: Represents the source or origin of an API. ApiCount: Represents the number of APIs detected. Image: Represents a container image. ImageId: Represents the unique identifier for a container image. ImageArtifact: Represents an artifact associated with a container image. K8s: Represents a Kubernetes-related resource. K8sLink: Represents a link to a Kubernetes resource. K8sImageId: Represents the image identifier in a Kubernetes deployment. K8sApplication: Represents a Kubernetes application. K8sIngress: Represents an Ingress resource in Kubernetes. K8sLoadBalancer: Represents a Kubernetes load balancer. Cloud: Represents a cloud environment or resource. CloudRegion: Represents a specific cloud region. CloudDns: Represents a cloud DNS record. CloudLink: Represents a reference link for a cloud resource. CloudLoadBalancer: Represents a load balancer in a cloud environment. CloudNetworkLoadBalancer: Represents a network load balancer in a cloud environment. ApplicationLoadBalancer: Represents an application layer load balancer. Internet: Represents an internet-facing resource.