SecurityAgent / Client / update_threat

update_threat

SecurityAgent.Client.update_threat(**kwargs)

Updates a threat.

See also: AWS API Documentation

Request Syntax

response = client.update_threat(
    threatId='string',
    agentSpaceId='string',
    title='string',
    status='OPEN'|'RESOLVED'|'DISMISSED',
    comments='string',
    statement='string',
    severity='CRITICAL'|'HIGH'|'MEDIUM'|'LOW'|'INFO',
    threatSource='string',
    prerequisites='string',
    threatAction='string',
    threatImpact='string',
    impactedGoal=[
        'string',
    ],
    impactedAssets=[
        'string',
    ],
    anchor={
        'kind': 'string',
        'id': 'string',
        'packageId': 'string'
    },
    evidence=[
        {
            'packageId': 'string',
            'path': 'string'
        },
    ],
    recommendation='string'
)
Parameters:

  • threatId (string) –

    [REQUIRED]

    The unique identifier of the threat to update.

  • agentSpaceId (string) –

    [REQUIRED]

    The unique identifier of the agent space.

  • title (string) – A short title summarizing the threat.

  • status (string) – The updated status of the threat.

  • comments (string) – Optional customer comment.

  • statement (string) – The updated natural-language threat statement.

  • severity (string) – The updated severity level of the threat.

  • threatSource (string) – The updated actor or origin of the threat.

  • prerequisites (string) – The updated conditions required for the threat to be exploitable.

  • threatAction (string) – The updated description of what the threat source can do.

  • threatImpact (string) – The updated direct consequence of the threat action.

  • impactedGoal (list) –

    The updated security goals affected by the threat.

    • (string) –

  • impactedAssets (list) –

    The updated list of specific assets affected by the threat.

    • (string) –

  • anchor (dict) –

    The updated DFD element this threat is anchored to.

    • kind (string) –

      The kind of DFD element.

    • id (string) –

      The identifier of the DFD element.

    • packageId (string) –

      The package identifier containing the DFD element.

  • evidence (list) –

    The updated source code files supporting the threat.

    • (dict) –

      Source code file supporting a threat.

      • packageId (string) –

        The package identifier containing the evidence file.

      • path (string) –

        The file path of the evidence.

  • recommendation (string) – The updated recommended mitigation guidance for this threat.

Return type:

dict

Returns:

Response Syntax

{
    'threatId': 'string',
    'threatJobId': 'string',
    'title': 'string',
    'statement': 'string',
    'severity': 'CRITICAL'|'HIGH'|'MEDIUM'|'LOW'|'INFO',
    'status': 'OPEN'|'RESOLVED'|'DISMISSED',
    'comments': 'string',
    'stride': [
        'SPOOFING'|'TAMPERING'|'REPUDIATION'|'INFORMATION_DISCLOSURE'|'DENIAL_OF_SERVICE'|'ELEVATION_OF_PRIVILEGE',
    ],
    'threatSource': 'string',
    'prerequisites': 'string',
    'threatAction': 'string',
    'threatImpact': 'string',
    'impactedGoal': [
        'string',
    ],
    'impactedAssets': [
        'string',
    ],
    'anchor': {
        'kind': 'string',
        'id': 'string',
        'packageId': 'string'
    },
    'evidence': [
        {
            'packageId': 'string',
            'path': 'string'
        },
    ],
    'recommendation': 'string',
    'createdBy': 'CUSTOMER'|'AGENT',
    'updatedBy': 'CUSTOMER'|'AGENT',
    'createdAt': datetime(2015, 1, 1),
    'updatedAt': datetime(2015, 1, 1)
}

Response Structure

  • (dict) –

    Output for the UpdateThreat operation.

    • threatId (string) –

      The unique identifier of the threat.

    • threatJobId (string) –

      The unique identifier of the threat model job the threat belongs to.

    • title (string) –

      A short title summarizing the threat.

    • statement (string) –

      The natural-language threat statement.

    • severity (string) –

      The severity level of the threat.

    • status (string) –

      The current status of the threat.

    • comments (string) –

      Optional customer comment on the threat.

    • stride (list) –

      The STRIDE categories applicable to this threat.

      • (string) –

        STRIDE threat classification category.

    • threatSource (string) –

      The actor or origin of the threat.

    • prerequisites (string) –

      The conditions required for the threat to be exploitable.

    • threatAction (string) –

      What the threat source can do.

    • threatImpact (string) –

      The direct consequence of the threat action.

    • impactedGoal (list) –

      The security goals affected by the threat.

      • (string) –

    • impactedAssets (list) –

      The specific assets affected by the threat.

      • (string) –

    • anchor (dict) –

      The DFD element this threat is anchored to.

      • kind (string) –

        The kind of DFD element.

      • id (string) –

        The identifier of the DFD element.

      • packageId (string) –

        The package identifier containing the DFD element.

    • evidence (list) –

      The source code files supporting the threat.

      • (dict) –

        Source code file supporting a threat.

        • packageId (string) –

          The package identifier containing the evidence file.

        • path (string) –

          The file path of the evidence.

    • recommendation (string) –

      The recommended mitigation guidance for this threat.

    • createdBy (string) –

      Who created this threat.

    • updatedBy (string) –

      Who last updated this threat.

    • createdAt (datetime) –

      The date and time the threat was created, in UTC format.

    • updatedAt (datetime) –

      The date and time the threat was last updated, in UTC format.