External DocumentationTo learn more, visit the Prisma Cloud CWP documentation.
Basic Parameters
| Parameter | Description |
|---|---|
| Daemonset Image IDs | A comma-separated list of image IDs available in daemonset to filter by. |
| Limit | The maximum number of items to return from a collection. |
| Offset | The offset of the first item to return from a collection. |
| Registry Image IDs | A comma-separated list of registry image IDs to filter by. |
| Reverse | Select to sort the results in reverse order. |
| Sort By | Sort the results using a key. |
Advanced Parameters
| Parameter | Description |
|---|---|
| CAAS Spec References Launch Types | A comma-separated list of registry images that were deployed as a container through specific launch types to filter by. |
| CAAS Spec References Service Types | A comma-separated list of registry images that were deployed as a container through specific service types to filter by. |
| CVE Image Layer | Select if the CVEs are mapped to a specific image layer. |
| Compact Image Data | Select to return the minimal image data. If selected information about vulnerabilities, compliance and extended image metadata are skipped. |
| Filter Base Image | Select to filter the base image for vulnerabilities. Note: Requires predefined base images that have already been scanned. |
| Full Image Names | A comma-separated list of image names to filter by. |
| Has CAAS Spec References | Select to filter the results by registry images that have CAAS spec references. |
| Image Registry Names | A comma-separated list of image registry names to filter by. |
| Image Repository Names | A comma-separated list of image repository names to filter by. |
| Normalized Severity | Select to retrieve the results in a normalized form of Low, Medium, High, Critical, based on vulnerability severity. |
| uaiID | Filter the results by uaiID. |
Example Output
Copy
Ask AI
[
{
"Secrets": [
"string"
],
"_id": "string",
"agentless": true,
"aisUUID": "string",
"allCompliance": {
"compliance": [
{
"applicableRules": [
"string"
],
"binaryPkgs": [
"string"
],
"block": true,
"cause": "string",
"cri": true,
"custom": true,
"cve": "string",
"cvss": 0,
"description": "string",
"discovered": "2024-07-29T15:51:28.071Z",
"exploit": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
],
"exploits": [
{
"kind": [
"poc",
"in-the-wild"
],
"link": "string",
"source": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
]
}
],
"fixDate": 0,
"fixLink": "string",
"functionLayer": "string",
"gracePeriodDays": 0,
"id": 0,
"isRPMModule": true,
"layerTime": 0,
"link": "string",
"packageName": "string",
"packageType": [
"nodejs",
"gem",
"python",
"jar",
"package",
"windows",
"binary",
"nuget",
"go",
"app",
"unknown"
],
"packageVersion": "string",
"published": 0,
"riskFactors": {},
"rpmModule": "string",
"secret": {
"group": "string",
"locationInFile": "string",
"metadataModifiedTime": 0,
"modifiedTime": 0,
"originalFileLocation": "string",
"path": "string",
"permissions": "string",
"secretID": "string",
"size": 0,
"snippet": "string",
"type": [
"AWS Access Key ID",
"AWS Secret Key",
"AWS MWS Auth Token",
"Azure Storage Account Access Key",
"Azure Service Principal",
"GCP Service Account Auth Key",
"Private Encryption Key",
"Public Encryption Key",
"PEM X509 Certificate Header",
"SSH Authorized Keys",
"Artifactory API Token",
"Artifactory Password",
"Basic Auth Credentials",
"Mailchimp Access Key",
"NPM Token",
"Slack Token",
"Slack Webhook",
"Square OAuth Secret",
"Notion Integration Token",
"Airtable API Key",
"Atlassian Oauth2 Keys",
"CircleCI Personal Token",
"Databricks Authentication Token",
"GitHub Token",
"GitLab Token",
"Google API key",
"Grafana Token",
"Python Package Index Key (PYPI)",
"Typeform API Token",
"Scalr Token",
"Braintree Access Token",
"Braintree Payments Key",
"Paypal Token Key",
"Braintree Payments ID",
"Datadog Client Token",
"ClickUp Personal API Token",
"OpenAI API Key",
"Java DB Connectivity (JDBC)",
"MongoDB",
".Net SQL Server"
],
"user": "string"
},
"severity": "string",
"status": "string",
"templates": [
"PCI",
"HIPAA",
"NIST SP 800-190",
"GDPR",
"DISA STIG"
],
"text": "string",
"title": "string",
"twistlock": true,
"type": [
"container",
"image",
"host_config",
"daemon_config",
"daemon_config_files",
"security_operations",
"k8s_master",
"k8s_worker",
"k8s_federation",
"linux",
"windows",
"istio",
"serverless",
"custom",
"docker_stig",
"openshift_master",
"openshift_worker",
"application_control_linux",
"gke_worker",
"image_malware",
"host_malware",
"aks_worker",
"eks_worker",
"image_secret",
"host_secret"
],
"vecStr": "string",
"vulnTagInfos": [
{
"color": "string",
"comment": "string",
"name": "string"
}
],
"wildfireMalware": {
"md5": "string",
"path": "string",
"verdict": "string"
}
}
],
"enabled": true
},
"appEmbedded": true,
"applications": [
{
"installedFromPackage": true,
"knownVulnerabilities": 0,
"layerTime": 0,
"md5": "string",
"name": "string",
"originPackageName": "string",
"path": "string",
"rpmModule": "string",
"service": true,
"version": "string"
}
],
"baseImage": "string",
"binaries": [
{
"altered": true,
"cveCount": 0,
"deps": [
"string"
],
"fileMode": 0,
"functionLayer": "string",
"md5": "string",
"missingPkg": true,
"name": "string",
"path": "string",
"pkgRootDir": "string",
"services": [
"string"
],
"version": "string"
}
],
"caasSpecReferencesLaunchTypes": [
"string"
],
"caasSpecReferencesServiceTypes": [
"aws-ecr",
"aws-lambda",
"aws-ecs-task-definition",
"aws-ec2",
"aws-eks",
"aws-eks-fargate-container",
"aws-ecs",
"aws-s3",
"aws-config",
"aws-cloud-trail",
"aws-kms",
"aws-cloud-watch",
"aws-sns",
"aws-security-hub",
"aws-secrets-manager",
"aws-parameter-store",
"azure-acr",
"azure-functions",
"azure-aks",
"azure-aci",
"azure-vm",
"gcp-gcr",
"gcp-gcf",
"gcp-gke",
"gcp-vm",
"gcp-artifact",
"gcp-cloud-run-service",
"oci-instance"
],
"caasSpecReferencesTotal": 0,
"cloudMetadata": {
"accountID": "string",
"awsExecutionEnv": "string",
"azure": {
"aci": {
"containerGroup": "string"
},
"resourceGroup": "string"
},
"gcp": {
"cloudRun": {
"revision": "string",
"service": "string"
}
},
"image": "string",
"labels": [
{
"key": "string",
"sourceName": "string",
"sourceType": [
"namespace",
"deployment",
"pod",
"aws",
"azure",
"gcp",
"oci"
],
"timestamp": "2024-07-29T15:51:28.071Z",
"value": "string"
}
],
"name": "string",
"ociTenantID": "string",
"provider": [
"aws",
"azure",
"gcp",
"alibaba",
"oci",
"others"
],
"region": "string",
"resourceID": "string",
"resourceURL": "string",
"type": "string",
"vmID": "string",
"vmImageID": "string"
},
"clusterType": [
"AKS",
"ECS",
"EKS",
"GKE",
"Kubernetes"
],
"clusters": [
"string"
],
"collections": [
"string"
],
"complianceDistribution": {
"critical": 0,
"high": 0,
"low": 0,
"medium": 0,
"total": 0
},
"complianceIssues": [
{
"applicableRules": [
"string"
],
"binaryPkgs": [
"string"
],
"block": true,
"cause": "string",
"cri": true,
"custom": true,
"cve": "string",
"cvss": 0,
"description": "string",
"discovered": "2024-07-29T15:51:28.071Z",
"exploit": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
],
"exploits": [
{
"kind": [
"poc",
"in-the-wild"
],
"link": "string",
"source": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
]
}
],
"fixDate": 0,
"fixLink": "string",
"functionLayer": "string",
"gracePeriodDays": 0,
"id": 0,
"isRPMModule": true,
"layerTime": 0,
"link": "string",
"packageName": "string",
"packageType": [
"nodejs",
"gem",
"python",
"jar",
"package",
"windows",
"binary",
"nuget",
"go",
"app",
"unknown"
],
"packageVersion": "string",
"published": 0,
"riskFactors": {},
"rpmModule": "string",
"secret": {
"group": "string",
"locationInFile": "string",
"metadataModifiedTime": 0,
"modifiedTime": 0,
"originalFileLocation": "string",
"path": "string",
"permissions": "string",
"secretID": "string",
"size": 0,
"snippet": "string",
"type": [
"AWS Access Key ID",
"AWS Secret Key",
"AWS MWS Auth Token",
"Azure Storage Account Access Key",
"Azure Service Principal",
"GCP Service Account Auth Key",
"Private Encryption Key",
"Public Encryption Key",
"PEM X509 Certificate Header",
"SSH Authorized Keys",
"Artifactory API Token",
"Artifactory Password",
"Basic Auth Credentials",
"Mailchimp Access Key",
"NPM Token",
"Slack Token",
"Slack Webhook",
"Square OAuth Secret",
"Notion Integration Token",
"Airtable API Key",
"Atlassian Oauth2 Keys",
"CircleCI Personal Token",
"Databricks Authentication Token",
"GitHub Token",
"GitLab Token",
"Google API key",
"Grafana Token",
"Python Package Index Key (PYPI)",
"Typeform API Token",
"Scalr Token",
"Braintree Access Token",
"Braintree Payments Key",
"Paypal Token Key",
"Braintree Payments ID",
"Datadog Client Token",
"ClickUp Personal API Token",
"OpenAI API Key",
"Java DB Connectivity (JDBC)",
"MongoDB",
".Net SQL Server"
],
"user": "string"
},
"severity": "string",
"status": "string",
"templates": [
"PCI",
"HIPAA",
"NIST SP 800-190",
"GDPR",
"DISA STIG"
],
"text": "string",
"title": "string",
"twistlock": true,
"type": [
"container",
"image",
"host_config",
"daemon_config",
"daemon_config_files",
"security_operations",
"k8s_master",
"k8s_worker",
"k8s_federation",
"linux",
"windows",
"istio",
"serverless",
"custom",
"docker_stig",
"openshift_master",
"openshift_worker",
"application_control_linux",
"gke_worker",
"image_malware",
"host_malware",
"aks_worker",
"eks_worker",
"image_secret",
"host_secret"
],
"vecStr": "string",
"vulnTagInfos": [
{
"color": "string",
"comment": "string",
"name": "string"
}
],
"wildfireMalware": {
"md5": "string",
"path": "string",
"verdict": "string"
}
}
],
"complianceIssuesCount": 0,
"complianceRiskScore": 0,
"compressed": true,
"compressedLayerTimes": {
"appTimes": [
0
],
"pkgsTimes": [
{
"pkgTimes": [
0
],
"pkgsType": [
"nodejs",
"gem",
"python",
"jar",
"package",
"windows",
"binary",
"nuget",
"go",
"app",
"unknown"
]
}
]
},
"creationTime": "2024-07-29T15:51:28.071Z",
"csa": true,
"csaWindows": true,
"distro": "string",
"ecsClusterName": "string",
"err": "string",
"errCode": 0,
"externalLabels": [
{
"key": "string",
"sourceName": "string",
"sourceType": [
"namespace",
"deployment",
"pod",
"aws",
"azure",
"gcp",
"oci"
],
"timestamp": "2024-07-29T15:51:28.071Z",
"value": "string"
}
],
"files": [
{
"md5": "string",
"original_file_location": "string",
"path": "string",
"sha1": "string",
"sha256": "string"
}
],
"firewallProtection": {
"enabled": true,
"outOfBandMode": [
"",
"Observation",
"Protection"
],
"ports": [
0
],
"supported": true,
"tlsPorts": [
0
],
"unprotectedProcesses": [
{
"port": 0,
"process": "string",
"tls": true
}
]
},
"firstScanTime": "2024-07-29T15:51:28.071Z",
"foundSecrets": [
{
"group": "string",
"locationInFile": "string",
"metadataModifiedTime": 0,
"modifiedTime": 0,
"originalFileLocation": "string",
"path": "string",
"permissions": "string",
"secretID": "string",
"size": 0,
"snippet": "string",
"type": [
"AWS Access Key ID",
"AWS Secret Key",
"AWS MWS Auth Token",
"Azure Storage Account Access Key",
"Azure Service Principal",
"GCP Service Account Auth Key",
"Private Encryption Key",
"Public Encryption Key",
"PEM X509 Certificate Header",
"SSH Authorized Keys",
"Artifactory API Token",
"Artifactory Password",
"Basic Auth Credentials",
"Mailchimp Access Key",
"NPM Token",
"Slack Token",
"Slack Webhook",
"Square OAuth Secret",
"Notion Integration Token",
"Airtable API Key",
"Atlassian Oauth2 Keys",
"CircleCI Personal Token",
"Databricks Authentication Token",
"GitHub Token",
"GitLab Token",
"Google API key",
"Grafana Token",
"Python Package Index Key (PYPI)",
"Typeform API Token",
"Scalr Token",
"Braintree Access Token",
"Braintree Payments Key",
"Paypal Token Key",
"Braintree Payments ID",
"Datadog Client Token",
"ClickUp Personal API Token",
"OpenAI API Key",
"Java DB Connectivity (JDBC)",
"MongoDB",
".Net SQL Server"
],
"user": "string"
}
],
"history": [
{
"baseLayer": true,
"created": 0,
"emptyLayer": true,
"id": "string",
"instruction": "string",
"sizeBytes": 0,
"tags": [
"string"
],
"vulnerabilities": [
{
"applicableRules": [
"string"
],
"binaryPkgs": [
"string"
],
"block": true,
"cause": "string",
"cri": true,
"custom": true,
"cve": "string",
"cvss": 0,
"description": "string",
"discovered": "2024-07-29T15:51:28.071Z",
"exploit": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
],
"exploits": [
{
"kind": [
"poc",
"in-the-wild"
],
"link": "string",
"source": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
]
}
],
"fixDate": 0,
"fixLink": "string",
"functionLayer": "string",
"gracePeriodDays": 0,
"id": 0,
"isRPMModule": true,
"layerTime": 0,
"link": "string",
"packageName": "string",
"packageType": [
"nodejs",
"gem",
"python",
"jar",
"package",
"windows",
"binary",
"nuget",
"go",
"app",
"unknown"
],
"packageVersion": "string",
"published": 0,
"riskFactors": {},
"rpmModule": "string",
"secret": {
"group": "string",
"locationInFile": "string",
"metadataModifiedTime": 0,
"modifiedTime": 0,
"originalFileLocation": "string",
"path": "string",
"permissions": "string",
"secretID": "string",
"size": 0,
"snippet": "string",
"type": [
"AWS Access Key ID",
"AWS Secret Key",
"AWS MWS Auth Token",
"Azure Storage Account Access Key",
"Azure Service Principal",
"GCP Service Account Auth Key",
"Private Encryption Key",
"Public Encryption Key",
"PEM X509 Certificate Header",
"SSH Authorized Keys",
"Artifactory API Token",
"Artifactory Password",
"Basic Auth Credentials",
"Mailchimp Access Key",
"NPM Token",
"Slack Token",
"Slack Webhook",
"Square OAuth Secret",
"Notion Integration Token",
"Airtable API Key",
"Atlassian Oauth2 Keys",
"CircleCI Personal Token",
"Databricks Authentication Token",
"GitHub Token",
"GitLab Token",
"Google API key",
"Grafana Token",
"Python Package Index Key (PYPI)",
"Typeform API Token",
"Scalr Token",
"Braintree Access Token",
"Braintree Payments Key",
"Paypal Token Key",
"Braintree Payments ID",
"Datadog Client Token",
"ClickUp Personal API Token",
"OpenAI API Key",
"Java DB Connectivity (JDBC)",
"MongoDB",
".Net SQL Server"
],
"user": "string"
},
"severity": "string",
"status": "string",
"templates": [
"PCI",
"HIPAA",
"NIST SP 800-190",
"GDPR",
"DISA STIG"
],
"text": "string",
"title": "string",
"twistlock": true,
"type": [
"container",
"image",
"host_config",
"daemon_config",
"daemon_config_files",
"security_operations",
"k8s_master",
"k8s_worker",
"k8s_federation",
"linux",
"windows",
"istio",
"serverless",
"custom",
"docker_stig",
"openshift_master",
"openshift_worker",
"application_control_linux",
"gke_worker",
"image_malware",
"host_malware",
"aks_worker",
"eks_worker",
"image_secret",
"host_secret"
],
"vecStr": "string",
"vulnTagInfos": [
{
"color": "string",
"comment": "string",
"name": "string"
}
],
"wildfireMalware": {
"md5": "string",
"path": "string",
"verdict": "string"
}
}
]
}
],
"hostDevices": [
{
"ip": "string",
"name": "string"
}
],
"hostRuntimeEnabled": true,
"hostname": "string",
"hosts": {},
"id": "string",
"image": {
"created": "2024-07-29T15:51:28.071Z",
"entrypoint": [
"string"
],
"env": [
"string"
],
"healthcheck": true,
"history": [
{
"baseLayer": true,
"created": 0,
"emptyLayer": true,
"id": "string",
"instruction": "string",
"sizeBytes": 0,
"tags": [
"string"
],
"vulnerabilities": [
{
"applicableRules": [
"string"
],
"binaryPkgs": [
"string"
],
"block": true,
"cause": "string",
"cri": true,
"custom": true,
"cve": "string",
"cvss": 0,
"description": "string",
"discovered": "2024-07-29T15:51:28.071Z",
"exploit": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
],
"exploits": [
{
"kind": [
"poc",
"in-the-wild"
],
"link": "string",
"source": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
]
}
],
"fixDate": 0,
"fixLink": "string",
"functionLayer": "string",
"gracePeriodDays": 0,
"id": 0,
"isRPMModule": true,
"layerTime": 0,
"link": "string",
"packageName": "string",
"packageType": [
"nodejs",
"gem",
"python",
"jar",
"package",
"windows",
"binary",
"nuget",
"go",
"app",
"unknown"
],
"packageVersion": "string",
"published": 0,
"riskFactors": {},
"rpmModule": "string",
"secret": {
"group": "string",
"locationInFile": "string",
"metadataModifiedTime": 0,
"modifiedTime": 0,
"originalFileLocation": "string",
"path": "string",
"permissions": "string",
"secretID": "string",
"size": 0,
"snippet": "string",
"type": [
"AWS Access Key ID",
"AWS Secret Key",
"AWS MWS Auth Token",
"Azure Storage Account Access Key",
"Azure Service Principal",
"GCP Service Account Auth Key",
"Private Encryption Key",
"Public Encryption Key",
"PEM X509 Certificate Header",
"SSH Authorized Keys",
"Artifactory API Token",
"Artifactory Password",
"Basic Auth Credentials",
"Mailchimp Access Key",
"NPM Token",
"Slack Token",
"Slack Webhook",
"Square OAuth Secret",
"Notion Integration Token",
"Airtable API Key",
"Atlassian Oauth2 Keys",
"CircleCI Personal Token",
"Databricks Authentication Token",
"GitHub Token",
"GitLab Token",
"Google API key",
"Grafana Token",
"Python Package Index Key (PYPI)",
"Typeform API Token",
"Scalr Token",
"Braintree Access Token",
"Braintree Payments Key",
"Paypal Token Key",
"Braintree Payments ID",
"Datadog Client Token",
"ClickUp Personal API Token",
"OpenAI API Key",
"Java DB Connectivity (JDBC)",
"MongoDB",
".Net SQL Server"
],
"user": "string"
},
"severity": "string",
"status": "string",
"templates": [
"PCI",
"HIPAA",
"NIST SP 800-190",
"GDPR",
"DISA STIG"
],
"text": "string",
"title": "string",
"twistlock": true,
"type": [
"container",
"image",
"host_config",
"daemon_config",
"daemon_config_files",
"security_operations",
"k8s_master",
"k8s_worker",
"k8s_federation",
"linux",
"windows",
"istio",
"serverless",
"custom",
"docker_stig",
"openshift_master",
"openshift_worker",
"application_control_linux",
"gke_worker",
"image_malware",
"host_malware",
"aks_worker",
"eks_worker",
"image_secret",
"host_secret"
],
"vecStr": "string",
"vulnTagInfos": [
{
"color": "string",
"comment": "string",
"name": "string"
}
],
"wildfireMalware": {
"md5": "string",
"path": "string",
"verdict": "string"
}
}
]
}
],
"id": "string",
"labels": {},
"layers": [
"string"
],
"os": "string",
"repoDigest": [
"string"
],
"repoTags": [
"string"
],
"user": "string",
"workingDir": "string"
},
"installedProducts": {
"agentless": true,
"apache": "string",
"awsCloud": true,
"clusterType": [
"AKS",
"ECS",
"EKS",
"GKE",
"Kubernetes"
],
"crio": true,
"docker": "string",
"dockerEnterprise": true,
"hasPackageManager": true,
"k8sApiServer": true,
"k8sControllerManager": true,
"k8sEtcd": true,
"k8sFederationApiServer": true,
"k8sFederationControllerManager": true,
"k8sKubelet": true,
"k8sProxy": true,
"k8sScheduler": true,
"kubernetes": "string",
"managedClusterVersion": "string",
"openshift": true,
"openshiftVersion": "string",
"osDistro": "string",
"serverless": true,
"swarmManager": true,
"swarmNode": true
},
"instances": [
{
"host": "string",
"image": "string",
"modified": "2024-07-29T15:51:28.071Z",
"registry": "string",
"repo": "string",
"tag": "string"
}
],
"isARM64": true,
"k8sClusterAddr": "string",
"labels": [
"string"
],
"layers": [
"string"
],
"malwareAnalyzedTime": "2024-07-29T15:51:28.071Z",
"missingDistroVulnCoverage": true,
"namespaces": [
"string"
],
"osDistro": "string",
"osDistroRelease": "string",
"osDistroVersion": "string",
"packageManager": true,
"packages": [
{
"pkgs": [
{
"author": "string",
"binaryIdx": [
0
],
"binaryPkgs": [
"string"
],
"cveCount": 0,
"defaultGem": true,
"files": [
{
"md5": "string",
"original_file_location": "string",
"path": "string",
"sha1": "string",
"sha256": "string"
}
],
"functionLayer": "string",
"goPkg": true,
"isRPMModule": true,
"jarIdentifier": "string",
"layerTime": 0,
"license": "string",
"md5": "string",
"name": "string",
"originPackageName": "string",
"osPackage": true,
"path": "string",
"purl": "string",
"rpmModule": "string",
"securityRepoPkg": true,
"symbols": [
"string"
],
"version": "string"
}
],
"pkgsType": [
"nodejs",
"gem",
"python",
"jar",
"package",
"windows",
"binary",
"nuget",
"go",
"app",
"unknown"
]
}
],
"pullDuration": 0,
"pushTime": "2024-07-29T15:51:28.071Z",
"redHatNonRPMImage": true,
"registryNamespace": "string",
"registryTags": [
"string"
],
"registryType": "string",
"repoDigests": [
"string"
],
"repoTag": {
"digest": "string",
"id": "string",
"registry": "string",
"repo": "string",
"tag": "string"
},
"rhelRepos": [
"string"
],
"rhelReposRelativeURLs": [
"string"
],
"riskFactors": {},
"scanBuildDate": "string",
"scanDuration": 0,
"scanID": 0,
"scanTime": "2024-07-29T15:51:28.071Z",
"scanVersion": "string",
"secretScanMetrics": {
"failedScans": 0,
"foundSecrets": 0,
"scanTime": 0,
"scanTimeouts": 0,
"scannedFileSize": 0,
"scannedFiles": 0,
"totalBytes": 0,
"totalFiles": 0,
"totalTime": 0,
"typesCount": {}
},
"startupBinaries": [
{
"altered": true,
"cveCount": 0,
"deps": [
"string"
],
"fileMode": 0,
"functionLayer": "string",
"md5": "string",
"missingPkg": true,
"name": "string",
"path": "string",
"pkgRootDir": "string",
"services": [
"string"
],
"version": "string"
}
],
"stopped": true,
"tags": [
{
"digest": "string",
"id": "string",
"registry": "string",
"repo": "string",
"tag": "string"
}
],
"topLayer": "string",
"trustResult": {
"groups": [
{
"_id": "string",
"disabled": true,
"images": [
"string"
],
"layers": [
"string"
],
"modified": "2024-07-29T15:51:28.071Z",
"name": "string",
"notes": "string",
"owner": "string",
"previousName": "string"
}
],
"hostsStatuses": [
{
"host": "string",
"status": [
"trusted",
"untrusted"
]
}
]
},
"trustStatus": [
"trusted",
"untrusted"
],
"twistlockImage": true,
"type": [
"image",
"ciImage",
"container",
"host",
"agentlessHost",
"registry",
"serverlessScan",
"ciServerless",
"vm",
"tas",
"ciTas",
"cloudDiscovery",
"serverlessRadar",
"serverlessAutoDeploy",
"hostAutoDeploy",
"codeRepo",
"ciCodeRepo"
],
"underlyingDistro": "string",
"underlyingDistroRelease": "string",
"vulnerabilities": [
{
"applicableRules": [
"string"
],
"binaryPkgs": [
"string"
],
"block": true,
"cause": "string",
"cri": true,
"custom": true,
"cve": "string",
"cvss": 0,
"description": "string",
"discovered": "2024-07-29T15:51:28.071Z",
"exploit": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
],
"exploits": [
{
"kind": [
"poc",
"in-the-wild"
],
"link": "string",
"source": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
]
}
],
"fixDate": 0,
"fixLink": "string",
"functionLayer": "string",
"gracePeriodDays": 0,
"id": 0,
"isRPMModule": true,
"layerTime": 0,
"link": "string",
"packageName": "string",
"packageType": [
"nodejs",
"gem",
"python",
"jar",
"package",
"windows",
"binary",
"nuget",
"go",
"app",
"unknown"
],
"packageVersion": "string",
"published": 0,
"riskFactors": {},
"rpmModule": "string",
"secret": {
"group": "string",
"locationInFile": "string",
"metadataModifiedTime": 0,
"modifiedTime": 0,
"originalFileLocation": "string",
"path": "string",
"permissions": "string",
"secretID": "string",
"size": 0,
"snippet": "string",
"type": [
"AWS Access Key ID",
"AWS Secret Key",
"AWS MWS Auth Token",
"Azure Storage Account Access Key",
"Azure Service Principal",
"GCP Service Account Auth Key",
"Private Encryption Key",
"Public Encryption Key",
"PEM X509 Certificate Header",
"SSH Authorized Keys",
"Artifactory API Token",
"Artifactory Password",
"Basic Auth Credentials",
"Mailchimp Access Key",
"NPM Token",
"Slack Token",
"Slack Webhook",
"Square OAuth Secret",
"Notion Integration Token",
"Airtable API Key",
"Atlassian Oauth2 Keys",
"CircleCI Personal Token",
"Databricks Authentication Token",
"GitHub Token",
"GitLab Token",
"Google API key",
"Grafana Token",
"Python Package Index Key (PYPI)",
"Typeform API Token",
"Scalr Token",
"Braintree Access Token",
"Braintree Payments Key",
"Paypal Token Key",
"Braintree Payments ID",
"Datadog Client Token",
"ClickUp Personal API Token",
"OpenAI API Key",
"Java DB Connectivity (JDBC)",
"MongoDB",
".Net SQL Server"
],
"user": "string"
},
"severity": "string",
"status": "string",
"templates": [
"PCI",
"HIPAA",
"NIST SP 800-190",
"GDPR",
"DISA STIG"
],
"text": "string",
"title": "string",
"twistlock": true,
"type": [
"container",
"image",
"host_config",
"daemon_config",
"daemon_config_files",
"security_operations",
"k8s_master",
"k8s_worker",
"k8s_federation",
"linux",
"windows",
"istio",
"serverless",
"custom",
"docker_stig",
"openshift_master",
"openshift_worker",
"application_control_linux",
"gke_worker",
"image_malware",
"host_malware",
"aks_worker",
"eks_worker",
"image_secret",
"host_secret"
],
"vecStr": "string",
"vulnTagInfos": [
{
"color": "string",
"comment": "string",
"name": "string"
}
],
"wildfireMalware": {
"md5": "string",
"path": "string",
"verdict": "string"
}
}
],
"vulnerabilitiesCount": 0,
"vulnerabilityDistribution": {
"critical": 0,
"high": 0,
"low": 0,
"medium": 0,
"total": 0
},
"vulnerabilityRiskScore": 0,
"wildFireUsage": {
"bytes": 0,
"queries": 0,
"uploads": 0
}
}
]
Workflow Library Example
List Registry Scan Results with Prisma Cloud Cwp and Send Results Via Email