Palo Alto Networks · Schema
DataRisk
DataRisk schema from Palo Alto Networks Prisma Cloud DSPM API
Cloud SecurityCybersecurityFirewallNetwork SecuritySASESOARThreat IntelligenceXDR
Properties
| Name | Type | Description |
|---|---|---|
| id | string | Unique risk identifier. |
| title | string | Short description of the risk. |
| description | string | Detailed explanation of the risk and its potential impact. |
| riskLevel | string | Severity of the risk. |
| riskCategory | string | Category of the data security risk. |
| status | string | Current status of the risk. |
| dataStoreId | string | Data store where the risk was identified. |
| dataStoreName | string | Name of the affected data store. |
| cloudProvider | string | Cloud provider of the affected data store. |
| cloudAccountId | string | Cloud account ID of the affected data store. |
| region | string | Cloud region of the affected data store. |
| affectedClassifications | array | Classification labels of sensitive data at risk. |
| affectedDataAssetCount | integer | Number of data assets affected by this risk. |
| remediation | object | Recommended remediation steps. |
| detectedAt | string | Timestamp when the risk was first detected. |
| lastEvaluatedAt | string | Timestamp of the most recent risk evaluation. |
JSON Schema
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"title": "DataRisk",
"description": "DataRisk schema from Palo Alto Networks Prisma Cloud DSPM API",
"$id": "https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/prisma-cloud-dspm-api-data-risk-schema.json",
"type": "object",
"properties": {
"id": {
"type": "string",
"description": "Unique risk identifier."
},
"title": {
"type": "string",
"description": "Short description of the risk."
},
"description": {
"type": "string",
"description": "Detailed explanation of the risk and its potential impact."
},
"riskLevel": {
"type": "string",
"enum": [
"critical",
"high",
"medium",
"low"
],
"description": "Severity of the risk."
},
"riskCategory": {
"type": "string",
"enum": [
"publicExposure",
"encryptionMissing",
"excessivePermissions",
"dataResidency",
"auditLogging",
"backupMissing",
"crossAccountAccess",
"sensitiveDataExposure"
],
"description": "Category of the data security risk."
},
"status": {
"type": "string",
"enum": [
"open",
"remediated",
"suppressed",
"acknowledged"
],
"description": "Current status of the risk."
},
"dataStoreId": {
"type": "string",
"description": "Data store where the risk was identified."
},
"dataStoreName": {
"type": "string",
"description": "Name of the affected data store."
},
"cloudProvider": {
"type": "string",
"enum": [
"aws",
"azure",
"gcp"
],
"description": "Cloud provider of the affected data store."
},
"cloudAccountId": {
"type": "string",
"description": "Cloud account ID of the affected data store."
},
"region": {
"type": "string",
"description": "Cloud region of the affected data store."
},
"affectedClassifications": {
"type": "array",
"items": {
"type": "string"
},
"description": "Classification labels of sensitive data at risk."
},
"affectedDataAssetCount": {
"type": "integer",
"description": "Number of data assets affected by this risk."
},
"remediation": {
"type": "object",
"properties": {
"description": {
"type": "string",
"description": "Human-readable description of the recommended remediation."
},
"steps": {
"type": "array",
"items": {
"type": "string"
},
"description": "Step-by-step remediation instructions."
},
"automatedRemediationAvailable": {
"type": "boolean",
"description": "Whether automated remediation is available."
}
},
"description": "Recommended remediation steps."
},
"detectedAt": {
"type": "string",
"format": "date-time",
"description": "Timestamp when the risk was first detected."
},
"lastEvaluatedAt": {
"type": "string",
"format": "date-time",
"description": "Timestamp of the most recent risk evaluation."
}
}
}