The Open Ports data feed provides details on Open Port findings, along with the following data sets:
- Assets – Information about IPs and domains associated with findings.
- Asset Event – How assets are attributed to findings.
- Vulnerability Catalog – Detailed metadata on vulnerabilities in your Vulnerability Intelligence subscription.
- Vulnerability Occurrence – Associates vulnerabilities to findings.
Data Structure Diagram
Data Solutions data feeds are optimized for relational databases. Refer to the structure conveyed in the following diagram to make the best use of entity relationships within the Open Ports Intelligence data feed:
Schema
Field | Description |
---|---|
temporary_finding_id String [ |
The temporary unique identifier for this finding. |
entity_guid String [ |
The unique identifier of the company. |
event_date String [ |
When the finding was first observed. |
affects_rating Boolean |
true = This finding affects the rating. |
country String |
The country where the asset attributed with this finding is located. |
country_code String |
The country code where the asset attributed with this finding is located. |
decay_date String [ |
The date when this finding stops impacting the rating if nothing else changes. |
event_grade String |
The finding grade. |
evidence_key String |
The source of evidence for the finding. It may be from an IP address, domain, IP/domain combination, or port. |
first_seen String [ |
The first time the finding was observed. |
impacts_risk_vector_code String |
A reason code for why the finding does not impact on the rating. |
impacts_risk_vector_label String |
The reason why the finding no longer impacts the rating. |
last_seen String [ |
The most recent time the finding was observed. |
observation_id String |
The unique identifier of this observation. |
remediation_duration Integer |
The number of days it took to remediate the finding. |
risk_category String |
The risk category. |
risk_vector String |
The risk vector slug name. |
risk_vector_label String |
The risk vector name. |
rollup_start_date String [ |
The date when this finding was first observed. |
rollup_end_date String [ |
The date when the infection was last observed. |
rolledup_observation_id String |
A stable and randomized identifier for findings. It is assigned to a finding when one or more observations with largely similar key properties occur in close succession. |
severity Decimal |
This finding’s Bitsight severity. |
severity_category String |
This finding’s Bitsight severity. |
product String |
The product, service, or web server observed to be running on the port. |
message String |
Summarizes the effectiveness of the DKIM record. |
version String |
The server software version. |
transport String |
The transmission protocol used in the connection. |
cpe Array |
Common Platform Enumeration (CPE) names. |
- September 11, 2024: Published.
Feedback
0 comments
Please sign in to leave a comment.