Slot: impact_id
The normalized impact of the incident or finding. Per NIST, this is the
magnitude of harm that can be expected to result from the consequences of
unauthorized disclosure, modification, destruction, or loss of information or
information system availability.
URI: ocsf:impact_id Alias: impact_id
Applicable Classes
| Name | Description | Modifies Slot |
|---|---|---|
| IncidentProfile | The attributes that add incident handling semantics to a Finding | yes |
| DetectionFinding | A Detection Finding describes detections or alerts generated by security | yes |
| DataSecurityFinding | A Data Security Finding describes detections or alerts generated by various | yes |
| ApplicationSecurityPostureFinding | The Application Security Posture Finding event is a notification about any bu... | no |
| SecurityFinding | Security Finding events describe findings, detections, anomalies, alerts and/... | yes |
| VulnerabilityFinding | The Vulnerability Finding event is a notification about weakness in an | no |
| ComplianceFinding | Compliance Finding events describe results of evaluations performed against | no |
| IncidentFinding | An Incident Finding reports the creation, update, or closure of security | yes |
| IamAnalysisFinding | This finding represents an IAM analysis result, which evaluates IAM policies, | no |
| Finding | The Finding event is a generic event that defines a set of attributes availab... | no |
Properties
Type and Range
| Property | Value |
|---|---|
| Range | ImpactIdEnum |
| Domain Of | IncidentProfile, DataSecurityFinding, DetectionFinding, IncidentFinding, SecurityFinding |
Cardinality and Requirements
| Property | Value |
|---|---|
Aliases
- Impact ID
See Also
Notes
- NIST SP 800-172 from FIPS 199 — https://doi.org/10.6028/NIST.FIPS.199
- NIST Computer Security Resource Center — https://doi.org/10.6028/NIST.FIPS.199
Identifier and Mapping Information
Annotations
| property | value |
|---|---|
| sibling | impact |
| ocsf_source | impact value; impact level |
Schema Source
- from schema: https://w3id.org/lmodel/ocsf
Mappings
| Mapping Type | Mapped Value |
|---|---|
| self | ocsf:impact_id |
| native | ocsf:impact_id |
LinkML Source
name: impact_id
annotations:
sibling:
tag: sibling
value: impact
ocsf_source:
tag: ocsf_source
value: impact value; impact level
description: 'The normalized impact of the incident or finding. Per NIST, this is
the
magnitude of harm that can be expected to result from the consequences of
unauthorized disclosure, modification, destruction, or loss of information or
information system availability.'
notes:
- NIST SP 800-172 from FIPS 199 — https://doi.org/10.6028/NIST.FIPS.199
- NIST Computer Security Resource Center — https://doi.org/10.6028/NIST.FIPS.199
from_schema: https://w3id.org/lmodel/ocsf
see_also:
- https://doi.org/10.6028/NIST.FIPS.199
- https://doi.org/10.6028/NIST.FIPS.199
aliases:
- Impact ID
rank: 1000
alias: impact_id
domain_of:
- IncidentProfile
- DataSecurityFinding
- DetectionFinding
- IncidentFinding
- SecurityFinding
range: ImpactIdEnum