StackHawk · Schema

StackHawk Security Finding

A security vulnerability identified during a DAST scan

API SecurityApplication SecurityDASTSecurity TestingVulnerability Management

Properties

Name Type Description
findingId string Unique finding identifier
scanId string Associated scan ID
severity string DAST finding severity level
title string Finding title / vulnerability name
description string Detailed description of the vulnerability
path string API endpoint path where the finding was detected
method string HTTP method of the vulnerable endpoint
View JSON Schema on GitHub

JSON Schema

stackhawk-finding-schema.json Raw ↑ 
{
  "$schema": "http://json-schema.org/draft-07/schema#",
  "$id": "https://api.stackhawk.com/schemas/finding",
  "title": "StackHawk Security Finding",
  "description": "A security vulnerability identified during a DAST scan",
  "type": "object",
  "properties": {
    "findingId": { "type": "string", "description": "Unique finding identifier" },
    "scanId": { "type": "string", "description": "Associated scan ID" },
    "severity": {
      "type": "string",
      "enum": ["LOW", "MEDIUM", "HIGH", "CRITICAL"],
      "description": "DAST finding severity level"
    },
    "title": { "type": "string", "description": "Finding title / vulnerability name" },
    "description": { "type": "string", "description": "Detailed description of the vulnerability" },
    "path": { "type": "string", "description": "API endpoint path where the finding was detected" },
    "method": { "type": "string", "description": "HTTP method of the vulnerable endpoint" }
  },
  "required": ["findingId", "scanId", "severity", "title"]
}