ListAttackPathsResponse

Response message for listing the attack paths for a given simulation or valued resource.

JSON representation
{
  "attackPaths": [
    {
      object (AttackPath)
    }
  ],
  "nextPageToken": string
}
Fields
attackPaths[]

object (AttackPath)

The attack paths that the attack path simulation identified.

nextPageToken

string

Token to retrieve the next page of results, or empty if there are no more results.

AttackPath

A path that an attacker could take to reach an exposed resource.

JSON representation
{
  "name": string,
  "pathNodes": [
    {
      object (AttackPathNode)
    }
  ],
  "edges": [
    {
      object (AttackPathEdge)
    }
  ]
}
Fields
name

string

The attack path name, for example, organizations/12/simulation/34/valuedResources/56/attackPaths/78

pathNodes[]

object (AttackPathNode)

A list of nodes that exist in this attack path.

edges[]

object (AttackPathEdge)

A list of the edges between nodes in this attack path.

AttackPathNode

Represents one point that an attacker passes through in this attack path.

JSON representation
{
  "resource": string,
  "resourceType": string,
  "displayName": string,
  "associatedFindings": [
    {
      object (PathNodeAssociatedFinding)
    }
  ],
  "uuid": string,
  "attackSteps": [
    {
      object (AttackStepNode)
    }
  ]
}
Fields
resource

string

The name of the resource at this point in the attack path. The format of the name follows the Cloud Asset Inventory resource name format

resourceType

string

The supported resource type

displayName

string

Human-readable name of this resource.

associatedFindings[]

object (PathNodeAssociatedFinding)

The findings associated with this node in the attack path.

uuid

string

Unique id of the attack path node.

attackSteps[]

object (AttackStepNode)

A list of attack step nodes that exist in this attack path node.

PathNodeAssociatedFinding

A finding that is associated with this node in the attack path.

JSON representation
{
  "canonicalFinding": string,
  "findingCategory": string,
  "name": string
}
Fields
canonicalFinding

string

Canonical name of the associated findings. Example: organizations/123/sources/456/findings/789

findingCategory

string

The additional taxonomy group within findings from a given source.

name

string

Full resource name of the finding.

AttackStepNode

Detailed steps the attack can take between path nodes.

JSON representation
{
  "uuid": string,
  "type": enum (NodeType),
  "displayName": string,
  "labels": {
    string: string,
    ...
  },
  "description": string
}
Fields
uuid

string

Unique ID for one Node

type

enum (NodeType)

Attack step type. Can be either AND, OR or DEFENSE

displayName

string

User friendly name of the attack step

labels

map (key: string, value: string)

Attack step labels for metadata

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

description

string

Attack step description

NodeType

The type of the incoming attack step node.

Enums
NODE_TYPE_UNSPECIFIED Type not specified
NODE_TYPE_AND Incoming edge joined with AND
NODE_TYPE_OR Incoming edge joined with OR
NODE_TYPE_DEFENSE Incoming edge is defense
NODE_TYPE_ATTACKER Incoming edge is attacker

AttackPathEdge

Represents a connection between a source node and a destination node in this attack path.

JSON representation
{
  "source": string,
  "destination": string
}
Fields
source

string

The attack node uuid of the source node.

destination

string

The attack node uuid of the destination node.