Assessments Metadata - List

Служба:

Defender for Cloud

Версия API:

2021-06-01

Получение сведений о метаданных для всех типов оценки

GET https://management.azure.com/providers/Microsoft.Security/assessmentMetadata?api-version=2021-06-01

Параметры URI

Имя	В	Обязательно	Тип	Описание
api-version	query	True	string	Версия API для операции

Ответы

Имя	Тип	Описание
200 OK	SecurityAssessmentMetadataResponseList	ХОРОШО
Other Status Codes	CloudError	Ответ на ошибку, описывающий причину сбоя операции.

Безопасность

azure_auth

Поток OAuth2 Azure Active Directory

Тип: oauth2
Flow: implicit
URL-адрес авторизации: https://login.microsoftonline.com/common/oauth2/authorize

Области

Имя	Описание
user_impersonation	олицетворения учетной записи пользователя

Примеры

List security assessment metadata

Образец запроса

HTTP

GET https://management.azure.com/providers/Microsoft.Security/assessmentMetadata?api-version=2021-06-01

Java

/**
 * Samples for AssessmentsMetadata List.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/AssessmentsMetadata/
     * ListAssessmentsMetadata_example.json
     */
    /**
     * Sample code: List security assessment metadata.
     * 
     * @param manager Entry point to SecurityManager.
     */
    public static void listSecurityAssessmentMetadata(com.azure.resourcemanager.security.SecurityManager manager) {
        manager.assessmentsMetadatas().list(com.azure.core.util.Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Go

package armsecurity_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/AssessmentsMetadata/ListAssessmentsMetadata_example.json
func ExampleAssessmentsMetadataClient_NewListPager() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	pager := clientFactory.NewAssessmentsMetadataClient().NewListPager(nil)
	for pager.More() {
		page, err := pager.NextPage(ctx)
		if err != nil {
			log.Fatalf("failed to advance page: %v", err)
		}
		for _, v := range page.Value {
			// You could use page here. We use blank identifier for just demo purposes.
			_ = v
		}
		// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
		// page.AssessmentMetadataResponseList = armsecurity.AssessmentMetadataResponseList{
		// 	Value: []*armsecurity.AssessmentMetadataResponse{
		// 		{
		// 			Name: to.Ptr("21300918-b2e3-0346-785f-c77ff57d243b"),
		// 			Type: to.Ptr("Microsoft.Security/assessmentMetadata"),
		// 			ID: to.Ptr("/providers/Microsoft.Security/assessmentMetadata/21300918-b2e3-0346-785f-c77ff57d243b"),
		// 			Properties: &armsecurity.AssessmentMetadataPropertiesResponse{
		// 				Description: to.Ptr("Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities."),
		// 				AssessmentType: to.Ptr(armsecurity.AssessmentTypeBuiltIn),
		// 				Categories: []*armsecurity.Categories{
		// 					to.Ptr(armsecurity.CategoriesCompute)},
		// 					DisplayName: to.Ptr("Install endpoint protection solution on virtual machine scale sets"),
		// 					ImplementationEffort: to.Ptr(armsecurity.ImplementationEffortLow),
		// 					PolicyDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policyDefinitions/26a828e1-e88f-464e-bbb3-c134a282b9de"),
		// 					RemediationDescription: to.Ptr("To install an endpoint protection solution: 1.  <a href=\"https://docs.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-faq#how-do-i-turn-on-antimalware-in-my-virtual-machine-scale-set\">Follow the instructions in How do I turn on antimalware in my virtual machine scale set</a>"),
		// 					Severity: to.Ptr(armsecurity.SeverityMedium),
		// 					Threats: []*armsecurity.Threats{
		// 						to.Ptr(armsecurity.ThreatsDataExfiltration),
		// 						to.Ptr(armsecurity.ThreatsDataSpillage),
		// 						to.Ptr(armsecurity.ThreatsMaliciousInsider)},
		// 						UserImpact: to.Ptr(armsecurity.UserImpactLow),
		// 						PlannedDeprecationDate: to.Ptr("03/2022"),
		// 						PublishDates: &armsecurity.AssessmentMetadataPropertiesResponsePublishDates{
		// 							GA: to.Ptr("06/01/2021"),
		// 							Public: to.Ptr("06/01/2021"),
		// 						},
		// 						Tactics: []*armsecurity.Tactics{
		// 							to.Ptr(armsecurity.TacticsCredentialAccess),
		// 							to.Ptr(armsecurity.TacticsPersistence),
		// 							to.Ptr(armsecurity.TacticsExecution),
		// 							to.Ptr(armsecurity.TacticsDefenseEvasion),
		// 							to.Ptr(armsecurity.TacticsCollection),
		// 							to.Ptr(armsecurity.TacticsDiscovery),
		// 							to.Ptr(armsecurity.TacticsPrivilegeEscalation)},
		// 							Techniques: []*armsecurity.Techniques{
		// 								to.Ptr(armsecurity.TechniquesObfuscatedFilesOrInformation),
		// 								to.Ptr(armsecurity.TechniquesIngressToolTransfer),
		// 								to.Ptr(armsecurity.TechniquesPhishing),
		// 								to.Ptr(armsecurity.TechniquesUserExecution)},
		// 							},
		// 						},
		// 						{
		// 							Name: to.Ptr("bc303248-3d14-44c2-96a0-55f5c326b5fe"),
		// 							Type: to.Ptr("Microsoft.Security/assessmentMetadata"),
		// 							ID: to.Ptr("/providers/Microsoft.Security/assessmentMetadata/bc303248-3d14-44c2-96a0-55f5c326b5fe"),
		// 							Properties: &armsecurity.AssessmentMetadataPropertiesResponse{
		// 								Description: to.Ptr("Open remote management ports expose your VM to a high level of risk from internet-based attacks that attempt to brute force credentials to gain admin access to the machine."),
		// 								AssessmentType: to.Ptr(armsecurity.AssessmentTypeCustomPolicy),
		// 								Categories: []*armsecurity.Categories{
		// 									to.Ptr(armsecurity.CategoriesNetworking)},
		// 									DisplayName: to.Ptr("Close management ports on your virtual machines"),
		// 									ImplementationEffort: to.Ptr(armsecurity.ImplementationEffortLow),
		// 									PolicyDefinitionID: to.Ptr("/providers/Microsoft.Authorization/policyDefinitions/22730e10-96f6-4aac-ad84-9383d35b5917"),
		// 									Preview: to.Ptr(true),
		// 									RemediationDescription: to.Ptr("We recommend that you edit the inbound rules of the below virtual machines to restrict access to specific source ranges.<br>To restrict the access to your virtual machines: 1. Click on a VM from the list below 2. At the 'Networking' blade, click on each of the rules that allow management ports (e.g. RDP-3389, WINRM-5985, SSH-22) 3. Change the 'Action' property to 'Deny' 4. Click 'Save'"),
		// 									Severity: to.Ptr(armsecurity.SeverityMedium),
		// 									Threats: []*armsecurity.Threats{
		// 										to.Ptr(armsecurity.ThreatsDataExfiltration),
		// 										to.Ptr(armsecurity.ThreatsDataSpillage),
		// 										to.Ptr(armsecurity.ThreatsMaliciousInsider)},
		// 										UserImpact: to.Ptr(armsecurity.UserImpactHigh),
		// 										PublishDates: &armsecurity.AssessmentMetadataPropertiesResponsePublishDates{
		// 											GA: to.Ptr("06/01/2021"),
		// 											Public: to.Ptr("06/01/2021"),
		// 										},
		// 									},
		// 								},
		// 								{
		// 									Name: to.Ptr("ca039e75-a276-4175-aebc-bcd41e4b14b7"),
		// 									Type: to.Ptr("Microsoft.Security/assessmentMetadata"),
		// 									ID: to.Ptr("/providers/Microsoft.Security/assessmentMetadata/ca039e75-a276-4175-aebc-bcd41e4b14b7"),
		// 									Properties: &armsecurity.AssessmentMetadataPropertiesResponse{
		// 										Description: to.Ptr("Assessment that my organization created to view our security assessment in Azure Security Center"),
		// 										AssessmentType: to.Ptr(armsecurity.AssessmentTypeCustomerManaged),
		// 										Categories: []*armsecurity.Categories{
		// 											to.Ptr(armsecurity.CategoriesCompute)},
		// 											DisplayName: to.Ptr("My organization security assessment"),
		// 											ImplementationEffort: to.Ptr(armsecurity.ImplementationEffortLow),
		// 											RemediationDescription: to.Ptr("Fix it with these remediation instructions"),
		// 											Severity: to.Ptr(armsecurity.SeverityMedium),
		// 											Threats: []*armsecurity.Threats{
		// 											},
		// 											UserImpact: to.Ptr(armsecurity.UserImpactLow),
		// 											PublishDates: &armsecurity.AssessmentMetadataPropertiesResponsePublishDates{
		// 												GA: to.Ptr("06/01/2021"),
		// 												Public: to.Ptr("06/01/2021"),
		// 											},
		// 										},
		// 								}},
		// 							}
	}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

JavaScript

const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Get metadata information on all assessment types
 *
 * @summary Get metadata information on all assessment types
 * x-ms-original-file: specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/AssessmentsMetadata/ListAssessmentsMetadata_example.json
 */
async function listSecurityAssessmentMetadata() {
  const credential = new DefaultAzureCredential();
  const client = new SecurityCenter(credential);
  const resArray = new Array();
  for await (let item of client.assessmentsMetadata.list()) {
    resArray.push(item);
  }
  console.log(resArray);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

dotnet

using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Resources;
using Azure.ResourceManager.SecurityCenter;

// Generated from example definition: specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/AssessmentsMetadata/ListAssessmentsMetadata_example.json
// this example is just showing the usage of "AssessmentsMetadata_List" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

TenantResource tenantResource = client.GetTenants().GetAllAsync().GetAsyncEnumerator().Current;

// get the collection of this TenantAssessmentMetadataResource
TenantAssessmentMetadataCollection collection = tenantResource.GetAllTenantAssessmentMetadata();

// invoke the operation and iterate over the result
await foreach (TenantAssessmentMetadataResource item in collection.GetAllAsync())
{
    // the variable item is a resource, you could call other operations on this instance as well
    // but just for demo, we get its data from this resource instance
    SecurityAssessmentMetadataData resourceData = item.Data;
    // for demo we just print out the id
    Console.WriteLine($"Succeeded on id: {resourceData.Id}");
}

Console.WriteLine("Succeeded");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Пример ответа

Код состояния:

200

{
  "value": [
    {
      "id": "/providers/Microsoft.Security/assessmentMetadata/21300918-b2e3-0346-785f-c77ff57d243b",
      "name": "21300918-b2e3-0346-785f-c77ff57d243b",
      "type": "Microsoft.Security/assessmentMetadata",
      "properties": {
        "displayName": "Install endpoint protection solution on virtual machine scale sets",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/26a828e1-e88f-464e-bbb3-c134a282b9de",
        "description": "Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.",
        "remediationDescription": "To install an endpoint protection solution: 1.  <a href=\"https://docs.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-faq#how-do-i-turn-on-antimalware-in-my-virtual-machine-scale-set\">Follow the instructions in How do I turn on antimalware in my virtual machine scale set</a>",
        "categories": [
          "Compute"
        ],
        "severity": "Medium",
        "userImpact": "Low",
        "implementationEffort": "Low",
        "threats": [
          "dataExfiltration",
          "dataSpillage",
          "maliciousInsider"
        ],
        "publishDates": {
          "GA": "06/01/2021",
          "public": "06/01/2021"
        },
        "plannedDeprecationDate": "03/2022",
        "tactics": [
          "Credential Access",
          "Persistence",
          "Execution",
          "Defense Evasion",
          "Collection",
          "Discovery",
          "Privilege Escalation"
        ],
        "techniques": [
          "Obfuscated Files or Information",
          "Ingress Tool Transfer",
          "Phishing",
          "User Execution"
        ],
        "assessmentType": "BuiltIn"
      }
    },
    {
      "id": "/providers/Microsoft.Security/assessmentMetadata/bc303248-3d14-44c2-96a0-55f5c326b5fe",
      "name": "bc303248-3d14-44c2-96a0-55f5c326b5fe",
      "type": "Microsoft.Security/assessmentMetadata",
      "properties": {
        "displayName": "Close management ports on your virtual machines",
        "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/22730e10-96f6-4aac-ad84-9383d35b5917",
        "description": "Open remote management ports expose your VM to a high level of risk from internet-based attacks that attempt to brute force credentials to gain admin access to the machine.",
        "remediationDescription": "We recommend that you edit the inbound rules of the below virtual machines to restrict access to specific source ranges.<br>To restrict the access to your virtual machines: 1. Click on a VM from the list below 2. At the 'Networking' blade, click on each of the rules that allow management ports (e.g. RDP-3389, WINRM-5985, SSH-22) 3. Change the 'Action' property to 'Deny' 4. Click 'Save'",
        "categories": [
          "Networking"
        ],
        "severity": "Medium",
        "userImpact": "High",
        "implementationEffort": "Low",
        "threats": [
          "dataExfiltration",
          "dataSpillage",
          "maliciousInsider"
        ],
        "publishDates": {
          "GA": "06/01/2021",
          "public": "06/01/2021"
        },
        "preview": true,
        "assessmentType": "CustomPolicy"
      }
    },
    {
      "id": "/providers/Microsoft.Security/assessmentMetadata/ca039e75-a276-4175-aebc-bcd41e4b14b7",
      "name": "ca039e75-a276-4175-aebc-bcd41e4b14b7",
      "type": "Microsoft.Security/assessmentMetadata",
      "properties": {
        "displayName": "My organization security assessment",
        "description": "Assessment that my organization created to view our security assessment in Azure Security Center",
        "remediationDescription": "Fix it with these remediation instructions",
        "categories": [
          "Compute"
        ],
        "severity": "Medium",
        "userImpact": "Low",
        "implementationEffort": "Low",
        "threats": [],
        "publishDates": {
          "GA": "06/01/2021",
          "public": "06/01/2021"
        },
        "assessmentType": "CustomerManaged"
      }
    }
  ]
}

Определения

Имя	Описание
assessmentType	Встроенная оценка, основанная на встроенном определении политики Azure, настраиваемая, если оценка основана на пользовательском определении политики Azure.
categories
CloudError	Распространенный ответ об ошибке для всех API Azure Resource Manager для возврата сведений об ошибке для неудачных операций. (Это также следует формату ответа об ошибках OData.).
CloudErrorBody	Сведения об ошибке.
ErrorAdditionalInfo	Дополнительные сведения об ошибке управления ресурсами.
implementationEffort	Усилия по реализации, необходимые для устранения этой оценки
PublishDates
SecurityAssessmentMetadataPartnerData	Описание партнера, создавшего оценку
SecurityAssessmentMetadataResponse	Ответ на метаданные оценки безопасности
SecurityAssessmentMetadataResponseList	Список метаданных оценки безопасности
severity	Уровень серьезности оценки
tactics
techniques
threats
userImpact	Влияние пользователя на оценку

assessmentType

Перечисление

Встроенная оценка, основанная на встроенном определении политики Azure, настраиваемая, если оценка основана на пользовательском определении политики Azure.

Значение	Описание
BuiltIn	Оценки, управляемые в Microsoft Defender для облака
CustomPolicy	Определяемые пользователем политики, которые автоматически получаются из политики Azure в Microsoft Defender для облака
CustomerManaged	Оценки пользователей, отправленные непосредственно пользователем или другим сторонним поставщиком в Microsoft Defender для Облака
VerifiedPartner	Оценка, созданная проверенной стороной, если пользователь подключил его к ASC

categories

Перечисление

Значение	Описание
Compute
Data
IdentityAndAccess
IoT
Networking

CloudError

Object

Распространенный ответ об ошибке для всех API Azure Resource Manager для возврата сведений об ошибке для неудачных операций. (Это также следует формату ответа об ошибках OData.).

Имя	Тип	Описание
error.additionalInfo	ErrorAdditionalInfo[]	Дополнительные сведения об ошибке.
error.code	string	Код ошибки.
error.details	CloudErrorBody[]	Сведения об ошибке.
error.message	string	Сообщение об ошибке.
error.target	string	Целевой объект ошибки.

CloudErrorBody

Object

Сведения об ошибке.

Имя	Тип	Описание
additionalInfo	ErrorAdditionalInfo[]	Дополнительные сведения об ошибке.
code	string	Код ошибки.
details	CloudErrorBody[]	Сведения об ошибке.
message	string	Сообщение об ошибке.
target	string	Целевой объект ошибки.

ErrorAdditionalInfo

Object

Дополнительные сведения об ошибке управления ресурсами.

Имя	Тип	Описание
info	object	Дополнительные сведения.
type	string	Дополнительный тип сведений.

implementationEffort

Перечисление

Усилия по реализации, необходимые для устранения этой оценки

Значение	Описание
High
Low
Moderate

PublishDates

Object

Имя	Тип	Описание
GA	string pattern: ^([0-9]{2}/){2}[0-9]{4}$
public	string pattern: ^([0-9]{2}/){2}[0-9]{4}$

SecurityAssessmentMetadataPartnerData

Object

Описание партнера, создавшего оценку

Имя	Тип	Описание
partnerName	string	Имя компании партнера
productName	string	Имя продукта партнера, создавшего оценку
secret	string	Секрет проверки подлинности партнера и проверка его создания — только запись

SecurityAssessmentMetadataResponse

Object

Ответ на метаданные оценки безопасности

Имя	Тип	Описание
id	string	Идентификатор ресурса
name	string	Имя ресурса
properties.assessmentType	assessmentType	Встроенная оценка, основанная на встроенном определении политики Azure, настраиваемая, если оценка основана на пользовательском определении политики Azure.
properties.categories	categories[]	Категории ресурсов, которые подвергаются риску, когда оценка неработоспособна
properties.description	string	Удобочитаемое описание оценки
properties.displayName	string	Понятное отображаемое имя оценки
properties.implementationEffort	implementationEffort	Усилия по реализации, необходимые для устранения этой оценки
properties.partnerData	SecurityAssessmentMetadataPartnerData	Описание партнера, создавшего оценку
properties.plannedDeprecationDate	string pattern: ^[0-9]{2}/[0-9]{4}$
properties.policyDefinitionId	string	Идентификатор ресурса Azure определения политики, включающего этот расчет оценки
properties.preview	boolean	Значение true, если эта оценка находится в состоянии предварительной версии выпуска
properties.publishDates	PublishDates
properties.remediationDescription	string	Читаемое человеком описание того, что следует сделать для устранения этой проблемы безопасности
properties.severity	severity	Уровень серьезности оценки
properties.tactics	tactics[]	Тактика оценки
properties.techniques	techniques[]	Методы оценки
properties.threats	threats[]	Влияние угроз на оценку
properties.userImpact	userImpact	Влияние пользователя на оценку
type	string	Тип ресурса

SecurityAssessmentMetadataResponseList

Object

Список метаданных оценки безопасности

Имя	Тип	Описание
nextLink	string	URI для получения следующей страницы.
value	SecurityAssessmentMetadataResponse[]	Ответ на метаданные оценки безопасности

severity

Перечисление

Уровень серьезности оценки

Значение	Описание
High
Low
Medium

tactics

Перечисление

Значение	Описание
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Reconnaissance
Resource Development

techniques

Перечисление

Значение	Описание
Abuse Elevation Control Mechanism
Access Token Manipulation
Account Discovery
Account Manipulation
Active Scanning
Application Layer Protocol
Audio Capture
Boot or Logon Autostart Execution
Boot or Logon Initialization Scripts
Brute Force
Cloud Infrastructure Discovery
Cloud Service Dashboard
Cloud Service Discovery
Command and Scripting Interpreter
Compromise Client Software Binary
Compromise Infrastructure
Container and Resource Discovery
Create Account
Create or Modify System Process
Credentials from Password Stores
Data Destruction
Data Encrypted for Impact
Data Manipulation
Data Staged
Data from Cloud Storage Object
Data from Configuration Repository
Data from Information Repositories
Data from Local System
Defacement
Deobfuscate/Decode Files or Information
Disk Wipe
Domain Trust Discovery
Drive-by Compromise
Dynamic Resolution
Endpoint Denial of Service
Event Triggered Execution
Exfiltration Over Alternative Protocol
Exploit Public-Facing Application
Exploitation for Client Execution
Exploitation for Credential Access
Exploitation for Defense Evasion
Exploitation for Privilege Escalation
Exploitation of Remote Services
External Remote Services
Fallback Channels
File and Directory Discovery
File and Directory Permissions Modification
Gather Victim Network Information
Hide Artifacts
Hijack Execution Flow
Impair Defenses
Implant Container Image
Indicator Removal on Host
Indirect Command Execution
Ingress Tool Transfer
Input Capture
Inter-Process Communication
Lateral Tool Transfer
Man-in-the-Middle
Masquerading
Modify Authentication Process
Modify Registry
Network Denial of Service
Network Service Scanning
Network Sniffing
Non-Application Layer Protocol
Non-Standard Port
OS Credential Dumping
Obfuscated Files or Information
Obtain Capabilities
Office Application Startup
Permission Groups Discovery
Phishing
Pre-OS Boot
Process Discovery
Process Injection
Protocol Tunneling
Proxy
Query Registry
Remote Access Software
Remote Service Session Hijacking
Remote Services
Remote System Discovery
Resource Hijacking
SQL Stored Procedures
Scheduled Task/Job
Screen Capture
Search Victim-Owned Websites
Server Software Component
Service Stop
Signed Binary Proxy Execution
Software Deployment Tools
Steal or Forge Kerberos Tickets
Subvert Trust Controls
Supply Chain Compromise
System Information Discovery
Taint Shared Content
Traffic Signaling
Transfer Data to Cloud Account
Trusted Relationship
Unsecured Credentials
User Execution
Valid Accounts
Windows Management Instrumentation

threats

Перечисление

Значение	Описание
accountBreach
dataExfiltration
dataSpillage
denialOfService
elevationOfPrivilege
maliciousInsider
missingCoverage
threatResistance

userImpact

Перечисление

Влияние пользователя на оценку

Значение	Описание
High
Low
Moderate