| DiscoveryDetails |
The Discovery Details object describes results of a discovery task/job |
yes |
| PrivilegeInfo |
The Privilege Info object describes information about a specific privilege, |
yes |
| Group |
The Group object represents a collection or association of entities, such as |
yes |
| Ja4Fingerprint |
The JA4+ fingerprint object provides detailed fingerprint information about |
yes |
| DatastoreActivity |
Datastore events describe general activities (Read, Update, Query, Delete, |
yes |
| Dns |
The Domain Name System (DNS) object represents the shared information |
yes |
| Databucket |
The databucket object is a basic container that holds data, typically organiz... |
yes |
| WebResource |
The Web Resource object describes characteristics of a web resource that was |
yes |
| Agent |
An Agent (also known as a Sensor) is typically installed on an Operating Syst... |
yes |
| EncryptionDetails |
Details about the encryption methodology utilized |
yes |
| FtpActivity |
File Transfer Protocol (FTP) Activity events report file transfers between a |
yes |
| Module |
The Module object describes the attributes of a module |
yes |
| ManagedEntity |
The Managed Entity object describes the type and version of an entity, such a... |
yes |
| Node |
Represents a node or a vertex in a graph structure |
yes |
| Trait |
Describes a characteristic or feature of an entity that was observed |
yes |
| MalwareScanInfo |
The malware scan information object describes characteristics, metadata of a |
no |
| File |
The File object represents the metadata associated with a file stored in a |
yes |
| Database |
The database object is used for databases which are typically datastore |
yes |
| Osint |
The OSINT (Open Source Intelligence) object contains details related to an |
yes |
| WindowsStartupItem |
The startup item object describes an application component that has associate... |
no |
| NetworkEndpoint |
The Network Endpoint object describes characteristics of a network endpoint |
yes |
| NetworkInterface |
The Network Interface object describes the type and associated attributes of ... |
yes |
| NetworkProxy |
The network proxy endpoint object describes a proxy server, which acts as an |
no |
| Observable |
The observable object is a pivot element that contains related information |
yes |
| DomainContact |
The contact information related to a domain registration, e |
yes |
| Scan |
The Scan object describes characteristics of a proactive scan |
yes |
| ResourceDetails |
The Resource Details object describes details about resources that were |
no |
| Analytic |
The Analytic object contains details about the analytic technique used to |
yes |
| Sbom |
The Software Bill of Materials object describes characteristics of a generate... |
yes |
| Os |
The Operating System (OS) object describes characteristics of an OS, such as |
yes |
| ThreatActor |
Threat actor is responsible for the observed malicious activity |
yes |
| Metadata |
The Metadata object describes the metadata associated with the event |
yes |
| Script |
The Script object describes a script or command that can be executed by a |
yes |
| User |
The User object describes the characteristics of a user/person or a security |
yes |
| Resource |
The Resource object contains attributes that provide information about a |
yes |
| Account |
The Account object contains details about the account that initiated or |
yes |
| RegValue |
The registry value object describes a Windows registry value |
yes |
| ClassifierDetails |
The Classifier Details object describes details about the classifier used for |
yes |
| Ticket |
The Ticket object represents ticket in the customer's IT Service Management |
yes |
| TlsExtension |
The TLS Extension object describes additional attributes that extend the base |
yes |
| ApplicationObject |
An Application describes the details for an inventoried application as report... |
yes |
| DnsAnswer |
The DNS Answer object represents a specific response provided by the Domain |
yes |
| Endpoint |
The Endpoint object describes a physical or virtual device that connects to a... |
yes |
| San |
The Subject Alternative name (SAN) object describes a SAN secured by a digita... |
yes |
| Policy |
The Policy object describes the policies that are applicable |
yes |
| SoftwareComponent |
The Software Component object describes characteristics of a software compone... |
yes |
| Package |
The Software Package object describes details about a software package |
yes |
| UnmannedSystemOperatingArea |
The Unmanned System Operating Area object describes details about a precise |
yes |
| ProgrammaticCredential |
The Programmatic Credential object describes service-specific credentials use... |
yes |
| DnsQuery |
The DNS query object represents a specific request made to the Domain Name |
no |
| Cve |
The Common Vulnerabilities and Exposures (CVE) object represents publicly |
yes |
| StartupItem |
The startup item object describes an application component that has associate... |
yes |
| Rule |
The Rule object describes characteristics of a rule associated with a policy ... |
yes |
| UnmannedAerialSystem |
The Unmanned Aerial System object describes the characteristics, Position |
yes |
| Device |
The Device object represents an addressable computer system or host, which is |
yes |
| AnalysisTarget |
The analysis target defines the scope of monitored activities, specifying wha... |
yes |
| Enrichment |
The Enrichment object provides inline enrichment data for specific attributes |
yes |
| WinResource |
The Windows resource object describes a resource object managed by Windows, |
yes |
| AffectedPackage |
The Affected Package object describes details about a software package |
no |
| FirewallRule |
The Firewall Rule object represents a specific rule within a firewall policy ... |
no |
| Graph |
A graph data structure representation with nodes and edges |
yes |
| Kernel |
The Kernel Resource object provides information about a specific kernel |
yes |
| AuthenticationToken |
The Authentication Token object extends the base token object an... |
yes |
| Token |
The Token object is the base object for representing tokens, API keys, and |
yes |
| PeripheralDevice |
The peripheral device object describes the properties of external, connectabl... |
yes |
| Timespan |
The Time Span object represents different time period durations |
yes |
| RelatedEvent |
The Related Event object describes an event or another finding related to a |
yes |