com.google.cloud.securitycenter.v1

Enum Finding.Severity

java.lang.Object

java.lang.Enum<Finding.Severity>

com.google.cloud.securitycenter.v1.Finding.Severity

All Implemented Interfaces:

Internal.EnumLite, ProtocolMessageEnum, Serializable, Comparable<Finding.Severity>

Enclosing class:

Finding

public static enum Finding.Severity
extends Enum<Finding.Severity>
implements ProtocolMessageEnum

 The severity of the finding.
 

Protobuf enum google.cloud.securitycenter.v1.Finding.Severity

Enum Constant Summary

Enum Constants

Enum Constant and Description
CRITICAL Vulnerability: A critical vulnerability is easily discoverable by an external actor, exploitable, and results in the direct ability to execute arbitrary code, exfiltrate data, and otherwise gain additional access and privileges to cloud resources and workloads.
HIGH Vulnerability: A high risk vulnerability can be easily discovered and exploited in combination with other vulnerabilities in order to gain direct access and the ability to execute arbitrary code, exfiltrate data, and otherwise gain additional access and privileges to cloud resources and workloads.
LOW Vulnerability: A low risk vulnerability hampers a security organization's ability to detect vulnerabilities or active threats in their deployment, or prevents the root cause investigation of security issues.
MEDIUM Vulnerability: A medium risk vulnerability could be used by an actor to gain access to resources or privileges that enable them to eventually (through multiple steps or a complex exploit) gain access and the ability to execute arbitrary code or exfiltrate data.
SEVERITY_UNSPECIFIED This value is used for findings when a source doesn't write a severity value.
UNRECOGNIZED

Field Summary

Fields

Modifier and Type	Field and Description
static int	CRITICAL_VALUE Vulnerability: A critical vulnerability is easily discoverable by an external actor, exploitable, and results in the direct ability to execute arbitrary code, exfiltrate data, and otherwise gain additional access and privileges to cloud resources and workloads.
static int	HIGH_VALUE Vulnerability: A high risk vulnerability can be easily discovered and exploited in combination with other vulnerabilities in order to gain direct access and the ability to execute arbitrary code, exfiltrate data, and otherwise gain additional access and privileges to cloud resources and workloads.
static int	LOW_VALUE Vulnerability: A low risk vulnerability hampers a security organization's ability to detect vulnerabilities or active threats in their deployment, or prevents the root cause investigation of security issues.
static int	MEDIUM_VALUE Vulnerability: A medium risk vulnerability could be used by an actor to gain access to resources or privileges that enable them to eventually (through multiple steps or a complex exploit) gain access and the ability to execute arbitrary code or exfiltrate data.
static int	SEVERITY_UNSPECIFIED_VALUE This value is used for findings when a source doesn't write a severity value.

Method Summary

Modifier and Type	Method and Description
static Finding.Severity	forNumber(int value)
static Descriptors.EnumDescriptor	getDescriptor()
Descriptors.EnumDescriptor	getDescriptorForType()
int	getNumber()
Descriptors.EnumValueDescriptor	getValueDescriptor()
static Internal.EnumLiteMap<Finding.Severity>	internalGetValueMap()
static Finding.Severity	valueOf(Descriptors.EnumValueDescriptor desc)
static Finding.Severity	valueOf(int value) Deprecated. Use forNumber(int) instead.
static Finding.Severity	valueOf(String name) Returns the enum constant of this type with the specified name.
static Finding.Severity[]	values() Returns an array containing the constants of this enum type, in the order they are declared.

Methods inherited from class java.lang.Enum

clone, compareTo, equals, finalize, getDeclaringClass, hashCode, name, ordinal, toString, valueOf

Methods inherited from class java.lang.Object

getClass, notify, notifyAll, wait, wait, wait

Enum Constant Detail

SEVERITY_UNSPECIFIED

public static final Finding.Severity SEVERITY_UNSPECIFIED

 This value is used for findings when a source doesn't write a severity
 value.
 

SEVERITY_UNSPECIFIED = 0;

CRITICAL

public static final Finding.Severity CRITICAL

 Vulnerability:
 A critical vulnerability is easily discoverable by an external actor,
 exploitable, and results in the direct ability to execute arbitrary code,
 exfiltrate data, and otherwise gain additional access and privileges to
 cloud resources and workloads. Examples include publicly accessible
 unprotected user data, public SSH access with weak or no passwords, etc.
 Threat:
 Indicates a threat that is able to access, modify, or delete data or
 execute unauthorized code within existing resources.
 

CRITICAL = 1;

HIGH

public static final Finding.Severity HIGH

 Vulnerability:
 A high risk vulnerability can be easily discovered and exploited in
 combination with other vulnerabilities in order to gain direct access and
 the ability to execute arbitrary code, exfiltrate data, and otherwise
 gain additional access and privileges to cloud resources and workloads.
 An example is a database with weak or no passwords that is only
 accessible internally. This database could easily be compromised by an
 actor that had access to the internal network.
 Threat:
 Indicates a threat that is able to create new computational resources in
 an environment but not able to access data or execute code in existing
 resources.
 

HIGH = 2;

MEDIUM

public static final Finding.Severity MEDIUM

 Vulnerability:
 A medium risk vulnerability could be used by an actor to gain access to
 resources or privileges that enable them to eventually (through multiple
 steps or a complex exploit) gain access and the ability to execute
 arbitrary code or exfiltrate data. An example is a service account with
 access to more projects than it should have. If an actor gains access to
 the service account, they could potentially use that access to manipulate
 a project the service account was not intended to.
 Threat:
 Indicates a threat that is able to cause operational impact but may not
 access data or execute unauthorized code.
 

MEDIUM = 3;

LOW

public static final Finding.Severity LOW

 Vulnerability:
 A low risk vulnerability hampers a security organization's ability to
 detect vulnerabilities or active threats in their deployment, or prevents
 the root cause investigation of security issues. An example is monitoring
 and logs being disabled for resource configurations and access.
 Threat:
 Indicates a threat that has obtained minimal access to an environment but
 is not able to access data, execute code, or create resources.
 

LOW = 4;

UNRECOGNIZED

public static final Finding.Severity UNRECOGNIZED

Field Detail

SEVERITY_UNSPECIFIED_VALUE

public static final int SEVERITY_UNSPECIFIED_VALUE

 This value is used for findings when a source doesn't write a severity
 value.
 

SEVERITY_UNSPECIFIED = 0;

See Also:

Constant Field Values

CRITICAL_VALUE

public static final int CRITICAL_VALUE

 Vulnerability:
 A critical vulnerability is easily discoverable by an external actor,
 exploitable, and results in the direct ability to execute arbitrary code,
 exfiltrate data, and otherwise gain additional access and privileges to
 cloud resources and workloads. Examples include publicly accessible
 unprotected user data, public SSH access with weak or no passwords, etc.
 Threat:
 Indicates a threat that is able to access, modify, or delete data or
 execute unauthorized code within existing resources.
 

CRITICAL = 1;

See Also:

Constant Field Values

HIGH_VALUE

public static final int HIGH_VALUE

 Vulnerability:
 A high risk vulnerability can be easily discovered and exploited in
 combination with other vulnerabilities in order to gain direct access and
 the ability to execute arbitrary code, exfiltrate data, and otherwise
 gain additional access and privileges to cloud resources and workloads.
 An example is a database with weak or no passwords that is only
 accessible internally. This database could easily be compromised by an
 actor that had access to the internal network.
 Threat:
 Indicates a threat that is able to create new computational resources in
 an environment but not able to access data or execute code in existing
 resources.
 

HIGH = 2;

See Also:

Constant Field Values

MEDIUM_VALUE

public static final int MEDIUM_VALUE

 Vulnerability:
 A medium risk vulnerability could be used by an actor to gain access to
 resources or privileges that enable them to eventually (through multiple
 steps or a complex exploit) gain access and the ability to execute
 arbitrary code or exfiltrate data. An example is a service account with
 access to more projects than it should have. If an actor gains access to
 the service account, they could potentially use that access to manipulate
 a project the service account was not intended to.
 Threat:
 Indicates a threat that is able to cause operational impact but may not
 access data or execute unauthorized code.
 

MEDIUM = 3;

See Also:

Constant Field Values

LOW_VALUE

public static final int LOW_VALUE

 Vulnerability:
 A low risk vulnerability hampers a security organization's ability to
 detect vulnerabilities or active threats in their deployment, or prevents
 the root cause investigation of security issues. An example is monitoring
 and logs being disabled for resource configurations and access.
 Threat:
 Indicates a threat that has obtained minimal access to an environment but
 is not able to access data, execute code, or create resources.
 

LOW = 4;

See Also:

Constant Field Values

Method Detail

values

public static Finding.Severity[] values()

Returns an array containing the constants of this enum type, in the order they are declared. This method may be used to iterate over the constants as follows:

for (Finding.Severity c : Finding.Severity.values())
    System.out.println(c);

Returns:

an array containing the constants of this enum type, in the order they are declared

valueOf

public static Finding.Severity valueOf(String name)

Returns the enum constant of this type with the specified name. The string must match exactly an identifier used to declare an enum constant in this type. (Extraneous whitespace characters are not permitted.)

Parameters:

name - the name of the enum constant to be returned.

Returns:

the enum constant with the specified name

Throws:

IllegalArgumentException - if this enum type has no constant with the specified name

NullPointerException - if the argument is null

getNumber

public final int getNumber()

Specified by:

getNumber in interface Internal.EnumLite

Specified by:

getNumber in interface ProtocolMessageEnum

valueOf

@Deprecated
public static Finding.Severity valueOf(int value)

Deprecated. Use forNumber(int) instead.

Parameters:

value - The numeric wire value of the corresponding enum entry.

Returns:

The enum associated with the given numeric wire value.

forNumber

public static Finding.Severity forNumber(int value)

Parameters:

value - The numeric wire value of the corresponding enum entry.

Returns:

The enum associated with the given numeric wire value.

internalGetValueMap

public static Internal.EnumLiteMap<Finding.Severity> internalGetValueMap()

getValueDescriptor

public final Descriptors.EnumValueDescriptor getValueDescriptor()

Specified by:

getValueDescriptor in interface ProtocolMessageEnum

getDescriptorForType

public final Descriptors.EnumDescriptor getDescriptorForType()

Specified by:

getDescriptorForType in interface ProtocolMessageEnum

getDescriptor

public static final Descriptors.EnumDescriptor getDescriptor()

valueOf

public static Finding.Severity valueOf(Descriptors.EnumValueDescriptor desc)