Palo Alto Networks · Schema

PostureCheck

PostureCheck schema from Palo Alto Networks SaaS Security Posture Management API

Cloud SecurityCybersecurityFirewallNetwork SecuritySASESOARThreat IntelligenceXDR

Properties

Name Type Description
check_id string Unique identifier of the posture check result.
app_id string ID of the onboarded application this check applies to.
check_name string Name of the security posture check.
check_type string Category of the posture check.
severity string Severity level if the check fails.
status string Current result status of the check.
description string Description of what the check evaluates.
remediation string Step-by-step remediation guidance for failed checks.
compliance_frameworks array Compliance frameworks this check maps to (e.g., CIS, SOC2, ISO27001).
last_evaluated_at string Timestamp when the check was last evaluated.
suppression_justification string Justification text if the check is suppressed.
View JSON Schema on GitHub

JSON Schema

sspm-api-posture-check-schema.json Raw ↑ 
{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "title": "PostureCheck",
  "description": "PostureCheck schema from Palo Alto Networks SaaS Security Posture Management API",
  "$id": "https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/sspm-api-posture-check-schema.json",
  "type": "object",
  "properties": {
    "check_id": {
      "type": "string",
      "description": "Unique identifier of the posture check result."
    },
    "app_id": {
      "type": "string",
      "description": "ID of the onboarded application this check applies to."
    },
    "check_name": {
      "type": "string",
      "description": "Name of the security posture check."
    },
    "check_type": {
      "type": "string",
      "enum": [
        "access_control",
        "authentication",
        "data_protection",
        "logging",
        "network_security",
        "configuration"
      ],
      "description": "Category of the posture check."
    },
    "severity": {
      "type": "string",
      "enum": [
        "informational",
        "low",
        "medium",
        "high",
        "critical"
      ],
      "description": "Severity level if the check fails."
    },
    "status": {
      "type": "string",
      "enum": [
        "pass",
        "fail",
        "error",
        "suppressed"
      ],
      "description": "Current result status of the check."
    },
    "description": {
      "type": "string",
      "description": "Description of what the check evaluates."
    },
    "remediation": {
      "type": "string",
      "description": "Step-by-step remediation guidance for failed checks."
    },
    "compliance_frameworks": {
      "type": "array",
      "items": {
        "type": "string"
      },
      "description": "Compliance frameworks this check maps to (e.g., CIS, SOC2, ISO27001)."
    },
    "last_evaluated_at": {
      "type": "string",
      "format": "date-time",
      "description": "Timestamp when the check was last evaluated."
    },
    "suppression_justification": {
      "type": "string",
      "description": "Justification text if the check is suppressed."
    }
  }
}