SecurityAgent / Client / create_threat

create_threat¶

SecurityAgent.Client.create_threat(**kwargs)¶

Creates a new threat under a threat model job.

Request Syntax

response = client.create_threat(
    agentSpaceId='string',
    threatJobId='string',
    title='string',
    statement='string',
    severity='CRITICAL'|'HIGH'|'MEDIUM'|'LOW'|'INFO',
    comments='string',
    stride=[
        'SPOOFING'|'TAMPERING'|'REPUDIATION'|'INFORMATION_DISCLOSURE'|'DENIAL_OF_SERVICE'|'ELEVATION_OF_PRIVILEGE',
    ],
    threatSource='string',
    prerequisites='string',
    threatAction='string',
    threatImpact='string',
    impactedGoal=[
        'string',
    ],
    impactedAssets=[
        'string',
    ],
    anchor={
        'kind': 'string',
        'id': 'string',
        'packageId': 'string'
    },
    evidence=[
        {
            'packageId': 'string',
            'path': 'string'
        },
    ],
    recommendation='string'
)

Parameters:

agentSpaceId (string) –
[REQUIRED]

The unique identifier of the agent space.
threatJobId (string) –
[REQUIRED]

The unique identifier of the threat model job the threat belongs to.
title (string) – A short title summarizing the threat.
statement (string) – The natural-language threat statement.
severity (string) – The severity level of the threat.
comments (string) – Optional customer comment on the threat.
stride (list) –
The STRIDE categories applicable to this threat.
- (string) –
  
  STRIDE threat classification category.
threatSource (string) – The actor or origin of the threat.
prerequisites (string) – The conditions required for the threat to be exploitable.
threatAction (string) – What the threat source can do.
threatImpact (string) – The direct consequence of the threat action.
impactedGoal (list) –
The security goals affected by the threat.
- (string) –
impactedAssets (list) –
The specific assets affected by the threat.
- (string) –
anchor (dict) –
The DFD element this threat is anchored to.
- kind (string) –
  
  The kind of DFD element.
- id (string) –
  
  The identifier of the DFD element.
- packageId (string) –
  
  The package identifier containing the DFD element.
evidence (list) –
The source code files supporting the threat.
- (dict) –
  
  Source code file supporting a threat.
  - packageId (string) –
    
    The package identifier containing the evidence file.
  - path (string) –
    
    The file path of the evidence.
recommendation (string) – The recommended mitigation guidance for this threat.

Return type:

dict

Returns:

Response Syntax

{
    'threatId': 'string',
    'threatJobId': 'string',
    'title': 'string',
    'statement': 'string',
    'severity': 'CRITICAL'|'HIGH'|'MEDIUM'|'LOW'|'INFO',
    'status': 'OPEN'|'RESOLVED'|'DISMISSED',
    'comments': 'string',
    'stride': [
        'SPOOFING'|'TAMPERING'|'REPUDIATION'|'INFORMATION_DISCLOSURE'|'DENIAL_OF_SERVICE'|'ELEVATION_OF_PRIVILEGE',
    ],
    'threatSource': 'string',
    'prerequisites': 'string',
    'threatAction': 'string',
    'threatImpact': 'string',
    'impactedGoal': [
        'string',
    ],
    'impactedAssets': [
        'string',
    ],
    'anchor': {
        'kind': 'string',
        'id': 'string',
        'packageId': 'string'
    },
    'evidence': [
        {
            'packageId': 'string',
            'path': 'string'
        },
    ],
    'recommendation': 'string',
    'createdBy': 'CUSTOMER'|'AGENT',
    'updatedBy': 'CUSTOMER'|'AGENT',
    'createdAt': datetime(2015, 1, 1),
    'updatedAt': datetime(2015, 1, 1)
}

Response Structure

(dict) –

Output for the CreateThreat operation.
- threatId (string) –
  
  The unique identifier of the created threat.
- threatJobId (string) –
  
  The unique identifier of the threat model job the threat belongs to.
- title (string) –
  
  A short title summarizing the threat.
- statement (string) –
  
  The natural-language threat statement.
- severity (string) –
  
  The severity level of the threat.
- status (string) –
  
  The current status of the threat.
- comments (string) –
  
  Optional customer comment on the threat.
- stride (list) –
  
  The STRIDE categories applicable to this threat.
  - (string) –
    
    STRIDE threat classification category.
- threatSource (string) –
  
  The actor or origin of the threat.
- prerequisites (string) –
  
  The conditions required for the threat to be exploitable.
- threatAction (string) –
  
  What the threat source can do.
- threatImpact (string) –
  
  The direct consequence of the threat action.
- impactedGoal (list) –
  
  The security goals affected by the threat.
  - (string) –
- impactedAssets (list) –
  
  The specific assets affected by the threat.
  - (string) –
- anchor (dict) –
  
  The DFD element this threat is anchored to.
  - kind (string) –
    
    The kind of DFD element.
  - id (string) –
    
    The identifier of the DFD element.
  - packageId (string) –
    
    The package identifier containing the DFD element.
- evidence (list) –
  
  The source code files supporting the threat.
  - (dict) –
    
    Source code file supporting a threat.
    - packageId (string) –
      
      The package identifier containing the evidence file.
    - path (string) –
      
      The file path of the evidence.
- recommendation (string) –
  
  The recommended mitigation guidance for this threat.
- createdBy (string) –
  
  Who created this threat.
- updatedBy (string) –
  
  Who last updated this threat.
- createdAt (datetime) –
  
  The date and time the threat was created, in UTC format.
- updatedAt (datetime) –
  
  The date and time the threat was last updated, in UTC format.