Package com.google.cloud.securitycenter.v1

Enum Finding.Severity

  • All Implemented Interfaces:
    com.google.protobuf.Internal.EnumLite, com.google.protobuf.ProtocolMessageEnum, Serializable, Comparable<Finding.Severity>
    Enclosing class:
    Finding
    public static enum Finding.Severity
extends Enum<Finding.Severity>
implements com.google.protobuf.ProtocolMessageEnum
     The severity of the finding.
    Protobuf enum google.cloud.securitycenter.v1.Finding.Severity

    • Enum Constant Summary

      Enum Constants 
      Enum Constant Description
      CRITICAL
      Vulnerability: A critical vulnerability is easily discoverable by an external actor, exploitable, and results in the direct ability to execute arbitrary code, exfiltrate data, and otherwise gain additional access and privileges to cloud resources and workloads.
      HIGH
      Vulnerability: A high risk vulnerability can be easily discovered and exploited in combination with other vulnerabilities in order to gain direct access and the ability to execute arbitrary code, exfiltrate data, and otherwise gain additional access and privileges to cloud resources and workloads.
      LOW
      Vulnerability: A low risk vulnerability hampers a security organization's ability to detect vulnerabilities or active threats in their deployment, or prevents the root cause investigation of security issues.
      MEDIUM
      Vulnerability: A medium risk vulnerability could be used by an actor to gain access to resources or privileges that enable them to eventually (through multiple steps or a complex exploit) gain access and the ability to execute arbitrary code or exfiltrate data.
      SEVERITY_UNSPECIFIED
      This value is used for findings when a source doesn't write a severity value.
      UNRECOGNIZED  

    • Field Summary

      Fields 
      Modifier and Type Field Description
      static int CRITICAL_VALUE
      Vulnerability: A critical vulnerability is easily discoverable by an external actor, exploitable, and results in the direct ability to execute arbitrary code, exfiltrate data, and otherwise gain additional access and privileges to cloud resources and workloads.
      static int HIGH_VALUE
      Vulnerability: A high risk vulnerability can be easily discovered and exploited in combination with other vulnerabilities in order to gain direct access and the ability to execute arbitrary code, exfiltrate data, and otherwise gain additional access and privileges to cloud resources and workloads.
      static int LOW_VALUE
      Vulnerability: A low risk vulnerability hampers a security organization's ability to detect vulnerabilities or active threats in their deployment, or prevents the root cause investigation of security issues.
      static int MEDIUM_VALUE
      Vulnerability: A medium risk vulnerability could be used by an actor to gain access to resources or privileges that enable them to eventually (through multiple steps or a complex exploit) gain access and the ability to execute arbitrary code or exfiltrate data.
      static int SEVERITY_UNSPECIFIED_VALUE
      This value is used for findings when a source doesn't write a severity value.

    • Enum Constant Detail

      • SEVERITY_UNSPECIFIED

        public static final Finding.Severity SEVERITY_UNSPECIFIED
         This value is used for findings when a source doesn't write a severity
 value.
        SEVERITY_UNSPECIFIED = 0;

      • CRITICAL

        public static final Finding.Severity CRITICAL
         Vulnerability:
 A critical vulnerability is easily discoverable by an external actor,
 exploitable, and results in the direct ability to execute arbitrary code,
 exfiltrate data, and otherwise gain additional access and privileges to
 cloud resources and workloads. Examples include publicly accessible
 unprotected user data and public SSH access with weak or no
 passwords.

 Threat:
 Indicates a threat that is able to access, modify, or delete data or
 execute unauthorized code within existing resources.
        CRITICAL = 1;

      • HIGH

        public static final Finding.Severity HIGH
         Vulnerability:
 A high risk vulnerability can be easily discovered and exploited in
 combination with other vulnerabilities in order to gain direct access and
 the ability to execute arbitrary code, exfiltrate data, and otherwise
 gain additional access and privileges to cloud resources and workloads.
 An example is a database with weak or no passwords that is only
 accessible internally. This database could easily be compromised by an
 actor that had access to the internal network.

 Threat:
 Indicates a threat that is able to create new computational resources in
 an environment but not able to access data or execute code in existing
 resources.
        HIGH = 2;

      • MEDIUM

        public static final Finding.Severity MEDIUM
         Vulnerability:
 A medium risk vulnerability could be used by an actor to gain access to
 resources or privileges that enable them to eventually (through multiple
 steps or a complex exploit) gain access and the ability to execute
 arbitrary code or exfiltrate data. An example is a service account with
 access to more projects than it should have. If an actor gains access to
 the service account, they could potentially use that access to manipulate
 a project the service account was not intended to.

 Threat:
 Indicates a threat that is able to cause operational impact but may not
 access data or execute unauthorized code.
        MEDIUM = 3;

      • LOW

        public static final Finding.Severity LOW
         Vulnerability:
 A low risk vulnerability hampers a security organization's ability to
 detect vulnerabilities or active threats in their deployment, or prevents
 the root cause investigation of security issues. An example is monitoring
 and logs being disabled for resource configurations and access.

 Threat:
 Indicates a threat that has obtained minimal access to an environment but
 is not able to access data, execute code, or create resources.
        LOW = 4;

    • Field Detail

      • SEVERITY_UNSPECIFIED_VALUE

        public static final int SEVERITY_UNSPECIFIED_VALUE
         This value is used for findings when a source doesn't write a severity
 value.
        SEVERITY_UNSPECIFIED = 0;
        See Also:
        Constant Field Values

      • CRITICAL_VALUE

        public static final int CRITICAL_VALUE
         Vulnerability:
 A critical vulnerability is easily discoverable by an external actor,
 exploitable, and results in the direct ability to execute arbitrary code,
 exfiltrate data, and otherwise gain additional access and privileges to
 cloud resources and workloads. Examples include publicly accessible
 unprotected user data and public SSH access with weak or no
 passwords.

 Threat:
 Indicates a threat that is able to access, modify, or delete data or
 execute unauthorized code within existing resources.
        CRITICAL = 1;
        See Also:
        Constant Field Values

      • HIGH_VALUE

        public static final int HIGH_VALUE
         Vulnerability:
 A high risk vulnerability can be easily discovered and exploited in
 combination with other vulnerabilities in order to gain direct access and
 the ability to execute arbitrary code, exfiltrate data, and otherwise
 gain additional access and privileges to cloud resources and workloads.
 An example is a database with weak or no passwords that is only
 accessible internally. This database could easily be compromised by an
 actor that had access to the internal network.

 Threat:
 Indicates a threat that is able to create new computational resources in
 an environment but not able to access data or execute code in existing
 resources.
        HIGH = 2;
        See Also:
        Constant Field Values

      • MEDIUM_VALUE

        public static final int MEDIUM_VALUE
         Vulnerability:
 A medium risk vulnerability could be used by an actor to gain access to
 resources or privileges that enable them to eventually (through multiple
 steps or a complex exploit) gain access and the ability to execute
 arbitrary code or exfiltrate data. An example is a service account with
 access to more projects than it should have. If an actor gains access to
 the service account, they could potentially use that access to manipulate
 a project the service account was not intended to.

 Threat:
 Indicates a threat that is able to cause operational impact but may not
 access data or execute unauthorized code.
        MEDIUM = 3;
        See Also:
        Constant Field Values

      • LOW_VALUE

        public static final int LOW_VALUE
         Vulnerability:
 A low risk vulnerability hampers a security organization's ability to
 detect vulnerabilities or active threats in their deployment, or prevents
 the root cause investigation of security issues. An example is monitoring
 and logs being disabled for resource configurations and access.

 Threat:
 Indicates a threat that has obtained minimal access to an environment but
 is not able to access data, execute code, or create resources.
        LOW = 4;
        See Also:
        Constant Field Values

    • Method Detail

      • values

        public static Finding.Severity[] values()
        Returns an array containing the constants of this enum type, in the order they are declared. This method may be used to iterate over the constants as follows: 
        for (Finding.Severity c : Finding.Severity.values())
    System.out.println(c);
        Returns:
        an array containing the constants of this enum type, in the order they are declared

      • valueOf

        public static Finding.Severity valueOf​(String name)
        Returns the enum constant of this type with the specified name. The string must match exactly an identifier used to declare an enum constant in this type. (Extraneous whitespace characters are not permitted.)
        Parameters:
        name - the name of the enum constant to be returned.
        Returns:
        the enum constant with the specified name
        Throws:
        IllegalArgumentException - if this enum type has no constant with the specified name
        NullPointerException - if the argument is null

      • getNumber

        public final int getNumber()
        Specified by:
        getNumber in interface com.google.protobuf.Internal.EnumLite
        Specified by:
        getNumber in interface com.google.protobuf.ProtocolMessageEnum

      • valueOf

        @Deprecated
public static Finding.Severity valueOf​(int value)
        Deprecated.
        Returns the enum constant of this type with the specified name. The string must match exactly an identifier used to declare an enum constant in this type. (Extraneous whitespace characters are not permitted.)
        Parameters:
        value - the name of the enum constant to be returned.
        Returns:
        the enum constant with the specified name
        Throws:
        IllegalArgumentException - if this enum type has no constant with the specified name
        NullPointerException - if the argument is null

      • forNumber

        public static Finding.Severity forNumber​(int value)
        Parameters:
        value - The numeric wire value of the corresponding enum entry.
        Returns:
        The enum associated with the given numeric wire value.

      • internalGetValueMap

        public static com.google.protobuf.Internal.EnumLiteMap<Finding.Severity> internalGetValueMap()

      • getValueDescriptor

        public final com.google.protobuf.Descriptors.EnumValueDescriptor getValueDescriptor()
        Specified by:
        getValueDescriptor in interface com.google.protobuf.ProtocolMessageEnum

      • getDescriptorForType

        public final com.google.protobuf.Descriptors.EnumDescriptor getDescriptorForType()
        Specified by:
        getDescriptorForType in interface com.google.protobuf.ProtocolMessageEnum

      • getDescriptor

        public static final com.google.protobuf.Descriptors.EnumDescriptor getDescriptor()

      • valueOf

        public static Finding.Severity valueOf​(com.google.protobuf.Descriptors.EnumValueDescriptor desc)
        Returns the enum constant of this type with the specified name. The string must match exactly an identifier used to declare an enum constant in this type. (Extraneous whitespace characters are not permitted.)
        Parameters:
        desc - the name of the enum constant to be returned.
        Returns:
        the enum constant with the specified name
        Throws:
        IllegalArgumentException - if this enum type has no constant with the specified name
        NullPointerException - if the argument is null