Indicator(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Represents what's commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
Attributes | |
---|---|
Name | Description |
ip_addresses |
MutableSequence[str]
List of ip addresses associated to the Finding. |
domains |
MutableSequence[str]
List of domains associated to the Finding. |
signatures |
MutableSequence[google.cloud.securitycenter_v1.types.Indicator.ProcessSignature]
The list of matched signatures indicating that the given process is present in the environment. |
uris |
MutableSequence[str]
The list of URIs associated to the Findings. |
Classes
ProcessSignature
ProcessSignature(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Indicates what signature matched this process.
This message has oneof
_ fields (mutually exclusive fields).
For each oneof, at most one member field can be set at the same time.
Setting any member of the oneof automatically clears all other
members.
.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields