{ "openapi": "3.0.1", "info": { "title": "OpenAPI definition", "version": "v0" }, "servers": [ { "url": "https://dev.cybersaint.io", "description": "Generated server url" } ], "paths": { "/api/v1/public/control-score-actions/{id}": { "patch": { "tags": ["Assessment Control Score Actions"], "operationId": "patchControlScoreAction", "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string", "format": "uuid" } } ], "requestBody": { "content": { "application/json": { "schema": { "type": "object", "additionalProperties": { "type": "object" } } } }, "required": true }, "responses": { "200": { "description": "OK" } } } }, "/api/v1/public/risks": { "get": { "tags": ["Risks"], "summary": "Retrieve risks", "operationId": "findAll", "parameters": [ { "name": "includeControls", "in": "query", "required": false, "schema": { "type": "boolean", "default": false } }, { "name": "page", "in": "query", "description": "Zero based page to retrieve" }, { "name": "size", "in": "query", "description": "Size of the page to retrieve. When the includeControls parameter is included and set to true, size will be restricted to a maximum value of 10 due to payload size considerations." 
} ], "responses": { "200": { "description": "OK", "content": { "*/*": { "schema": { "$ref": "#/components/schemas/PageRiskResponseV1" } } } } } } }, "/api/v1/public/risks/{id}": { "get": { "tags": ["Risks"], "summary": "Retrieve risk by id", "operationId": "findRisk", "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string", "format": "uuid" } }, { "name": "includeControls", "in": "query", "required": false, "schema": { "type": "boolean", "default": false } } ], "responses": { "200": { "description": "OK", "content": { "*/*": { "schema": { "oneOf": [ { "$ref": "#/components/schemas/CyberInsightRiskResponseV1" }, { "$ref": "#/components/schemas/FairRiskResponseV1" }, { "$ref": "#/components/schemas/NistRiskResponseV1" } ] } } } } } } }, "/api/v1/public/risks/{id}/control-scores": { "get": { "tags": ["Risks"], "summary": "Retrieve all control scores associated with a risk", "operationId": "findRiskControlScores", "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string", "format": "uuid" } } ], "responses": { "200": { "description": "OK", "content": { "*/*": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/ControlScorePublicDtoV1" } } } } } } } }, "/api/v1/public/risk-dashboards": { "get": { "tags": ["Risk-Dashboards"], "summary": "Find all risk dashboards in customer environment", "operationId": "findAll_1", "parameters": [ { "name": "page", "in": "query", "description": "Zero based page to retrieve" }, { "name": "size", "in": "query", "description": "Size of the page to retrieve" }, { "name": "sort", "in": "query", "description": "Sort the results based on one or more fields", "schema": { "type": "string", "enum": ["name,desc", "name,asc"] } } ], "responses": { "200": { "description": "OK", "content": { "*/*": { "schema": { "$ref": "#/components/schemas/PageRiskDashboardResponseV1" } } } } } } }, "/api/v1/public/risk-dashboards/{id}/risks": { "get": { "tags": 
["Risk-Dashboards"], "operationId": "findRisks", "parameters": [ { "name": "created.gte", "in": "query", "required": false, "schema": { "type": "string", "format": "date-time" } }, { "name": "updated.gte", "in": "query", "required": false, "schema": { "type": "string", "format": "date-time" } }, { "name": "includeControls", "in": "query", "required": false, "schema": { "type": "boolean", "default": false } }, { "name": "id", "in": "path", "required": true, "schema": { "type": "string", "format": "uuid" } }, { "name": "page", "in": "query", "description": "Zero based page to retrieve" }, { "name": "size", "in": "query", "description": "Size of the page to retrieve" } ], "responses": { "200": { "description": "OK", "content": { "*/*": { "schema": { "$ref": "#/components/schemas/PageRiskResponseV1" } } } } } } }, "/api/v1/public/frameworks/{frameworkId}": { "get": { "tags": ["Frameworks"], "operationId": "getFrameworkById", "parameters": [ { "name": "frameworkId", "in": "path", "required": true, "schema": { "type": "string", "format": "uuid" } } ], "responses": { "200": { "description": "OK", "content": { "*/*": { "schema": { "$ref": "#/components/schemas/FrameworkPublicDtoV1" } } } } } } }, "/api/v1/public/frameworks/{frameworkId}/score-model": { "get": { "tags": ["Frameworks"], "summary": "Retrieve the score model with values that the framework is configured with", "operationId": "getScoreModel", "parameters": [ { "name": "frameworkId", "in": "path", "required": true, "schema": { "type": "string", "format": "uuid" } } ], "responses": { "200": { "description": "OK", "content": { "*/*": { "schema": { "$ref": "#/components/schemas/ScoreModelPublicDtoV1" } } } } } } }, "/api/v1/public/frameworks/{frameworkId}/metadata-fields": { "get": { "tags": ["Frameworks"], "summary": "Retrieve all the configured metadata fields for a framework", "operationId": "findMetadataFields", "parameters": [ { "name": "frameworkId", "in": "path", "required": true, "schema": { "type": 
"string", "format": "uuid" } } ], "responses": { "200": { "description": "OK", "content": { "*/*": { "schema": { "$ref": "#/components/schemas/FrameworkMetadataFieldResponseV1" } } } } } } }, "/api/v1/public/frameworks/{frameworkId}/controls": { "get": { "tags": ["Frameworks"], "summary": "Retrieve all controls for a framework. If the framework displays control actions then controls will include their control actions", "operationId": "getControlsByFrameworkId", "parameters": [ { "name": "frameworkId", "in": "path", "required": true, "schema": { "type": "string", "format": "uuid" } }, { "name": "page", "in": "query", "description": "Zero based page to retrieve" }, { "name": "size", "in": "query", "description": "Size of the page to retrieve" } ], "responses": { "200": { "description": "OK", "content": { "*/*": { "schema": { "$ref": "#/components/schemas/PageControlPublicDtoV1" } } } } } } }, "/api/v1/public/evidences": { "get": { "tags": ["Evidences"], "summary": "Retrieve evidence for every control in an assessment", "operationId": "getAllEvidence", "parameters": [ { "name": "created.gte", "in": "query", "required": false, "schema": { "type": "string", "format": "date-time" } }, { "name": "updated.gte", "in": "query", "required": false, "schema": { "type": "string", "format": "date-time" } }, { "name": "page", "in": "query", "description": "Zero based page to retrieve" }, { "name": "size", "in": "query", "description": "Size of the page to retrieve" }, { "name": "sort", "in": "query", "description": "Sort the results based one or more fields", "schema": { "type": "string", "enum": [ "createdAt,desc", "createdAt,asc", "createdAt", "lastUpdatedAt", "lastUpdatedAt,desc", "lastUpdatedAt,asc" ] } } ], "responses": { "200": { "description": "OK", "content": { "*/*": { "schema": { "$ref": "#/components/schemas/PageEvidencePublicDtoV1" } } } } } } }, "/api/v1/public/controls/{controlId}": { "get": { "tags": ["Controls"], "summary": "Retrieve a control by its internal id", 
"operationId": "getControl", "parameters": [ { "name": "controlId", "in": "path", "required": true, "schema": { "type": "string", "format": "uuid" } } ], "responses": { "404": { "description": "Control not found", "content": { "application/json": {} } }, "200": { "description": "OK", "content": { "application/json": { "schema": { "$ref": "#/components/schemas/ControlPublicDtoV1" } } } } } } }, "/api/v1/public/control-scores/{controlScoreId}/actions": { "get": { "tags": ["Assessment Control Scores"], "summary": "A control score actions", "operationId": "findControlScoreActions", "parameters": [ { "name": "controlScoreId", "in": "path", "required": true, "schema": { "type": "string", "format": "uuid" } } ], "responses": { "200": { "description": "OK", "content": { "*/*": { "schema": { "type": "array", "items": { "$ref": "#/components/schemas/ControlScoreActionDtoV1" } } } } } } } }, "/api/v1/public/assessments": { "get": { "tags": ["Assessments"], "summary": "Retrieve an assessment", "operationId": "findAll_2", "parameters": [ { "name": "includeControls", "in": "query", "required": false, "schema": { "type": "boolean", "default": false } }, { "name": "page", "in": "query", "description": "Zero based page to retrieve" }, { "name": "size", "in": "query", "description": "Size of the page to retrieve. When the includeControls parameter is included and set to true, size will be restricted to a maximum value of 10 due to payload size considerations." 
}, { "name": "sort", "in": "query", "description": "Sort the results based on one or more fields", "schema": { "type": "string", "enum": [ "createdAt,desc", "createdAt,asc", "createdAt", "lastUpdatedAt", "lastUpdatedAt,desc", "lastUpdatedAt,asc", "name", "name,desc", "name,asc", "percentComplete", "percentComplete,desc", "percentComplete,asc" ] } } ], "responses": { "200": { "description": "OK", "content": { "*/*": { "schema": { "$ref": "#/components/schemas/PageAssessmentPublicDtoV1" } } } } } } }, "/api/v1/public/assessments/{id}": { "get": { "tags": ["Assessments"], "summary": "Retrieve an assessment by id", "operationId": "findById", "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string", "format": "uuid" } }, { "name": "includeControls", "in": "query", "required": false, "schema": { "type": "boolean", "default": false } } ], "responses": { "200": { "description": "OK", "content": { "*/*": { "schema": { "$ref": "#/components/schemas/AssessmentPublicDtoV1" } } } } } } }, "/api/v1/public/assessments/{id}/csf": { "get": { "tags": ["Assessments"], "summary": "Retrieve the NIST CSF Scores for an assessment", "operationId": "findCsfScores", "parameters": [ { "name": "id", "in": "path", "required": true, "schema": { "type": "string", "format": "uuid" } } ], "responses": { "200": { "description": "OK", "content": { "*/*": { "schema": { "$ref": "#/components/schemas/AssessmentCsfScoresResponseV1" } } } } } } }, "/api/v1/public/assessments/{assessmentId}/metadata": { "get": { "tags": ["Assessments"], "summary": "Retrieve all metadata fields that are associated with an assessment", "operationId": "getMetadata", "parameters": [ { "name": "assessmentId", "in": "path", "required": true, "schema": { "type": "string", "format": "uuid" } } ], "responses": { "200": { "description": "OK", "content": { "*/*": { "schema": { "$ref": "#/components/schemas/AssessmentMetadataFieldsResponseV1" } } } } } } }, 
"/api/v1/public/assessments/{assessmentId}/evidences": { "get": { "tags": ["Assessments"], "summary": "Retrieve evidence for every control in an assessment", "operationId": "getEvidence", "parameters": [ { "name": "assessmentId", "in": "path", "required": true, "schema": { "type": "string", "format": "uuid" } }, { "name": "created.gte", "in": "query", "required": false, "schema": { "type": "string", "format": "date-time" } }, { "name": "updated.gte", "in": "query", "required": false, "schema": { "type": "string", "format": "date-time" } }, { "name": "page", "in": "query", "description": "Zero based page to retrieve" }, { "name": "size", "in": "query", "description": "Size of the page to retrieve" }, { "name": "sort", "in": "query", "description": "Sort the results based one or more fields", "schema": { "type": "string", "enum": [ "createdAt,desc", "createdAt,asc", "createdAt", "lastUpdatedAt", "lastUpdatedAt,desc", "lastUpdatedAt,asc" ] } } ], "responses": { "200": { "description": "OK", "content": { "*/*": { "schema": { "$ref": "#/components/schemas/PageEvidencePublicDtoV1" } } } } } } }, "/api/v1/public/assessments/{assessmentId}/control-scores": { "get": { "tags": ["Assessments"], "summary": "Retrieve all the control scores associated with an assessment", "operationId": "findAllControlScores", "parameters": [ { "name": "assessmentId", "in": "path", "required": true, "schema": { "type": "string", "format": "uuid" } }, { "name": "page", "in": "query", "description": "Zero based page to retrieve" }, { "name": "size", "in": "query", "description": "Size of the page to retrieve" } ], "responses": { "200": { "description": "OK", "content": { "*/*": { "schema": { "$ref": "#/components/schemas/PageControlScorePublicDtoV1" } } } } } } } }, "components": { "schemas": { "ControlWithScoresControlScoreV1": { "required": [ "assessmentId", "assessmentIdentifier", "assessmentName", "controlFamily", "controlId", "controlLabel", "controlScoreId", "excludeFromScore", 
"frameworkId", "isRestricted", "isScored" ], "type": "object", "properties": { "controlId": { "type": "string", "format": "uuid" }, "controlFamily": { "type": "string" }, "controlLabel": { "type": "string" }, "parentControlLabel": { "type": "string" }, "auxiliaryControlLabel": { "type": "string" }, "assessmentId": { "type": "string", "format": "uuid" }, "assessmentIdentifier": { "type": "string" }, "assessmentName": { "type": "string" }, "score": { "type": "number" }, "normalizedScore": { "type": "number" }, "scoreLabel": { "type": "string" }, "controlScoreId": { "type": "string", "format": "uuid" }, "excludeFromScore": { "type": "boolean" }, "frameworkId": { "type": "string", "format": "uuid" }, "isScored": { "type": "boolean" }, "isRestricted": { "type": "boolean" } } }, "ControlWithScoresV1": { "required": [ "controlFamily", "controlId", "controlLabel", "controlScores" ], "type": "object", "properties": { "controlId": { "type": "string", "format": "uuid" }, "controlFamily": { "type": "string" }, "controlLabel": { "type": "string" }, "parentControlLabel": { "type": "string" }, "auxiliaryControlLabel": { "type": "string" }, "controlScores": { "type": "array", "items": { "$ref": "#/components/schemas/ControlWithScoresControlScoreV1" } }, "score": { "type": "number" }, "normalizedScore": { "type": "number" } } }, "CyberInsightRiskResponseV1": { "required": [ "annualizedLossExpectancyMax", "annualizedLossExpectancyMin", "annualizedLossExpectancyMostLikely", "associatedControlScores", "associatedControls", "createdAt", "createdBy", "id", "name", "owners", "riskDashboardId", "riskDashboardName", "riskDashboardType", "updatedBy" ], "type": "object", "allOf": [ { "$ref": "#/components/schemas/RiskResponseV1" }, { "type": "object", "properties": { "treatmentPlanOptionId": { "type": "string", "format": "uuid" }, "treatmentPlanDueDate": { "type": "string", "format": "date-time" }, "treatmentPlanNote": { "type": "string" }, "overallInherentLikelihoodLevelValue": { "type": 
"number" }, "overallInherentLikelihoodLevelVariance": { "type": "number" }, "overallInherentLikelihoodLevelConfidence": { "type": "number" }, "overallResidualLikelihoodLevelValue": { "type": "number" }, "overallResidualLikelihoodLevelVariance": { "type": "number" }, "overallResidualLikelihoodLevelConfidence": { "type": "number" }, "overallInherentImpactLevelValue": { "type": "number" }, "overallInherentImpactLevelVariance": { "type": "number" }, "overallInherentImpactLevelConfidence": { "type": "number" }, "overallResidualImpactLevelValue": { "type": "number" }, "overallResidualImpactLevelVariance": { "type": "number" }, "overallResidualImpactLevelConfidence": { "type": "number" }, "overallInherentRiskLevelValue": { "type": "number" }, "overallInherentRiskLevelVariance": { "type": "number" }, "overallInherentRiskLevelConfidence": { "type": "number" }, "overallResidualRiskLevelValue": { "type": "number" }, "overallResidualRiskLevelVariance": { "type": "number" }, "overallResidualRiskLevelConfidence": { "type": "number" }, "attackSurface": { "type": "number" }, "threatActorCapacity": { "type": "number" }, "threatLevel": { "type": "number" }, "priorAttackProbability": { "type": "number" }, "attackProbability": { "type": "number" }, "attackMotivators": { "type": "number" }, "exploitability": { "type": "number" }, "vulnerability": { "type": "number" }, "directImpact": { "type": "number" }, "indirectImpact": { "type": "number" }, "targetOverallInherentLikelihoodLevelValue": { "type": "number" }, "targetOverallInherentLikelihoodLevelVariance": { "type": "number" }, "targetOverallInherentLikelihoodLevelConfidence": { "type": "number" }, "targetOverallResidualLikelihoodLevelValue": { "type": "number" }, "targetOverallResidualLikelihoodLevelVariance": { "type": "number" }, "targetOverallResidualLikelihoodLevelConfidence": { "type": "number" }, "targetOverallInherentImpactLevelValue": { "type": "number" }, "targetOverallInherentImpactLevelVariance": { "type": "number" }, 
"targetOverallInherentImpactLevelConfidence": { "type": "number" }, "targetOverallResidualImpactLevelValue": { "type": "number" }, "targetOverallResidualImpactLevelVariance": { "type": "number" }, "targetOverallResidualImpactLevelConfidence": { "type": "number" }, "targetOverallInherentRiskLevelValue": { "type": "number" }, "targetOverallInherentRiskLevelVariance": { "type": "number" }, "targetOverallInherentRiskLevelConfidence": { "type": "number" }, "targetOverallResidualRiskLevelValue": { "type": "number" }, "targetOverallResidualRiskLevelVariance": { "type": "number" }, "targetOverallResidualRiskLevelConfidence": { "type": "number" }, "targetAttackSurface": { "type": "number" }, "targetThreatActorCapacity": { "type": "number" }, "targetThreatLevel": { "type": "number" }, "targetPriorAttackProbability": { "type": "number" }, "targetAttackProbability": { "type": "number" }, "targetAttackMotivators": { "type": "number" }, "targetExploitability": { "type": "number" }, "targetVulnerability": { "type": "number" }, "targetDirectImpact": { "type": "number" }, "targetIndirectImpact": { "type": "number" }, "ttpThreatCoverageValue": { "type": "number" }, "ttpThreatCoverageVariance": { "type": "number" }, "ttpThreatCoverageConfidence": { "type": "number" }, "ttpControlCoverageValue": { "type": "number" }, "ttpControlCoverageVariance": { "type": "number" }, "ttpControlCoverageConfidence": { "type": "number" }, "ttpControlEffectivenessValue": { "type": "number" }, "ttpControlEffectivenessVariance": { "type": "number" }, "ttpControlEffectivenessConfidence": { "type": "number" }, "annualizedLossExpectancyMin": { "type": "integer", "format": "int64" }, "annualizedLossExpectancyMax": { "type": "integer", "format": "int64" }, "annualizedLossExpectancyMostLikely": { "type": "integer", "format": "int64" } } } ] }, "FairRiskResponseV1": { "required": [ "associatedControlIds", "associatedControlScoreIds", "associatedControlScores", "associatedControls", "createdAt", "createdBy", 
"id", "lossCurve", "lossFrequencyMax", "lossFrequencyMin", "lossFrequencyMostLikely", "lossMagnitudeMax", "lossMagnitudeMin", "lossMagnitudeMostLikely", "maxLoss", "meanLoss", "minLoss", "name", "ninetyPercentile", "owners", "riskDashboardId", "riskDashboardName", "riskDashboardType", "riskDistributionCurve", "tenthPercentile", "updatedBy" ], "type": "object", "allOf": [ { "$ref": "#/components/schemas/RiskResponseV1" }, { "type": "object", "properties": { "lossFrequencyMin": { "type": "number", "format": "double" }, "lossFrequencyMax": { "type": "number", "format": "double" }, "lossFrequencyMostLikely": { "type": "number", "format": "double" }, "lossMagnitudeMin": { "type": "integer", "format": "int64" }, "lossMagnitudeMax": { "type": "integer", "format": "int64" }, "lossMagnitudeMostLikely": { "type": "integer", "format": "int64" }, "minLoss": { "type": "number" }, "maxLoss": { "type": "number" }, "meanLoss": { "type": "number" }, "ninetyPercentile": { "type": "number" }, "tenthPercentile": { "type": "number" }, "lossFrequencyDescription": { "type": "string" }, "lossMagnitudeDescription": { "type": "string" }, "associatedControlIds": { "type": "array", "items": { "type": "string", "format": "uuid" } }, "associatedControlScoreIds": { "type": "array", "items": { "type": "string", "format": "uuid" } }, "lossCurve": { "type": "array", "items": { "$ref": "#/components/schemas/LossCurveValue" } }, "riskDistributionCurve": { "type": "array", "items": { "$ref": "#/components/schemas/RiskDistributionValue" } } } } ] }, "LossCurveValue": { "required": ["chance", "lossGreaterThan"], "type": "object", "properties": { "chance": { "type": "number" }, "lossGreaterThan": { "type": "number" } } }, "NistRiskResponseV1": { "required": [ "associatedControlScores", "associatedControls", "createdAt", "createdBy", "id", "impactId", "impactLabel", "impactValue", "likelihoodId", "likelihoodLabel", "likelihoodValue", "name", "owners", "riskDashboardId", "riskDashboardName", 
"riskDashboardType", "riskMethod", "riskModelId", "riskModelName", "singleLossExpectancyMax", "singleLossExpectancyMaxFormatted", "singleLossExpectancyMin", "singleLossExpectancyMinFormatted", "singleLossExpectancyMostLikely", "singleLossExpectancyMostLikelyFormatted", "threatEventFrequencyMax", "threatEventFrequencyMin", "threatEventFrequencyMostLikely", "trend", "updatedBy" ], "type": "object", "allOf": [ { "$ref": "#/components/schemas/RiskResponseV1" }, { "type": "object", "properties": { "riskMethod": { "type": "string", "enum": ["FAIR", "NIST", "BAH"] }, "riskModelId": { "type": "string", "format": "uuid" }, "riskModelName": { "type": "string" }, "likelihoodId": { "type": "string", "format": "uuid" }, "likelihoodLabel": { "type": "string" }, "likelihoodValue": { "type": "number" }, "likelihoodDetails": { "type": "string" }, "impactId": { "type": "string", "format": "uuid" }, "impactLabel": { "type": "string" }, "impactValue": { "type": "number" }, "impactDetails": { "type": "string" }, "threatEventFrequencyMin": { "type": "number" }, "threatEventFrequencyMax": { "type": "number" }, "threatEventFrequencyMostLikely": { "type": "number" }, "singleLossExpectancyMin": { "type": "number" }, "singleLossExpectancyMinFormatted": { "type": "string" }, "singleLossExpectancyMax": { "type": "number" }, "singleLossExpectancyMaxFormatted": { "type": "string" }, "singleLossExpectancyMostLikely": { "type": "number" }, "singleLossExpectancyMostLikelyFormatted": { "type": "string" }, "trend": { "type": "string", "enum": ["UP", "NO_CHANGE", "DOWN"] }, "target": { "$ref": "#/components/schemas/NistRiskTargetV1" } } } ] }, "NistRiskTargetV1": { "required": [ "singleLossExpectancyEnabled", "targetDate", "threatEventFrequencyMax", "threatEventFrequencyMin", "threatEventFrequencyMostLikely" ], "type": "object", "properties": { "likelihoodId": { "type": "string", "format": "uuid" }, "likelihoodLabel": { "type": "string" }, "likelihoodValue": { "type": "number" }, 
"threatEventFrequencyMin": { "type": "number" }, "threatEventFrequencyMax": { "type": "number" }, "threatEventFrequencyMostLikely": { "type": "number" }, "targetDate": { "type": "string", "format": "date-time" }, "singleLossExpectancyEnabled": { "type": "boolean" }, "singleLossExpectancyMin": { "type": "number" }, "singleLossExpectancyMinFormatted": { "type": "string" }, "singleLossExpectancyMax": { "type": "number" }, "singleLossExpectancyMaxFormatted": { "type": "string" }, "singleLossExpectancyMostLikely": { "type": "number" }, "singleLossExpectancyMostLikelyFormatted": { "type": "string" } } }, "PageRiskResponseV1": { "type": "object", "properties": { "totalElements": { "type": "integer", "format": "int64" }, "totalPages": { "type": "integer", "format": "int32" }, "first": { "type": "boolean" }, "size": { "type": "integer", "format": "int32" }, "content": { "type": "array", "items": { "oneOf": [ { "$ref": "#/components/schemas/CyberInsightRiskResponseV1" }, { "$ref": "#/components/schemas/FairRiskResponseV1" }, { "$ref": "#/components/schemas/NistRiskResponseV1" } ] } }, "number": { "type": "integer", "format": "int32" }, "sort": { "$ref": "#/components/schemas/SortObject" }, "numberOfElements": { "type": "integer", "format": "int32" }, "last": { "type": "boolean" }, "pageable": { "$ref": "#/components/schemas/PageableObject" }, "empty": { "type": "boolean" } } }, "PageableObject": { "type": "object", "properties": { "offset": { "type": "integer", "format": "int64" }, "sort": { "$ref": "#/components/schemas/SortObject" }, "pageNumber": { "type": "integer", "format": "int32" }, "pageSize": { "type": "integer", "format": "int32" }, "paged": { "type": "boolean" }, "unpaged": { "type": "boolean" } } }, "PrincipalResponseV1": { "required": ["displayName", "id", "type"], "type": "object", "properties": { "id": { "type": "string", "format": "uuid" }, "displayName": { "type": "string" }, "type": { "type": "string", "enum": ["USER", "API", "SYSTEM"] } } }, 
"RiskDistributionValue": { "required": ["count", "loss"], "type": "object", "properties": { "count": { "type": "number" }, "loss": { "type": "number" } } }, "RiskResponseV1": { "required": [ "associatedControlScores", "associatedControls", "createdAt", "createdBy", "id", "name", "owners", "riskDashboardId", "riskDashboardName", "riskDashboardType", "type", "updatedBy" ], "type": "object", "properties": { "riskDashboardType": { "type": "string", "enum": ["FAIR", "NIST", "CYBERINSIGHTS"] }, "name": { "type": "string" }, "id": { "type": "string", "format": "uuid" }, "description": { "type": "string" }, "updatedBy": { "$ref": "#/components/schemas/PrincipalResponseV1" }, "updatedAt": { "type": "string", "format": "date-time" }, "createdAt": { "type": "string", "format": "date-time" }, "assessmentName": { "type": "string" }, "assessmentId": { "type": "string", "format": "uuid" }, "owners": { "type": "array", "items": { "$ref": "#/components/schemas/UserResponseV1" } }, "externalId": { "type": "string" }, "riskDashboardId": { "type": "string", "format": "uuid" }, "associatedControls": { "type": "array", "items": { "$ref": "#/components/schemas/ControlWithScoresV1" } }, "associatedControlScores": { "type": "array", "items": { "$ref": "#/components/schemas/ControlWithScoresControlScoreV1" } }, "riskDashboardName": { "type": "string" }, "createdBy": { "$ref": "#/components/schemas/PrincipalResponseV1" }, "type": { "type": "string" } }, "discriminator": { "propertyName": "type" } }, "SortObject": { "type": "object", "properties": { "empty": { "type": "boolean" }, "sorted": { "type": "boolean" }, "unsorted": { "type": "boolean" } } }, "UserResponseV1": { "required": ["email", "firstName", "id", "lastName"], "type": "object", "properties": { "id": { "type": "string", "format": "uuid" }, "firstName": { "type": "string" }, "lastName": { "type": "string" }, "email": { "type": "string" } } }, "ControlScoreActionAnnotationPublicDtoV1": { "required": ["id"], "type": "object", 
"properties": { "id": { "type": "string", "format": "uuid" }, "createdAt": { "type": "string", "format": "date-time" }, "lastUpdatedAt": { "type": "string", "format": "date-time" }, "annotation": { "type": "string" }, "annotationStr": { "type": "string" } } }, "ControlScoreActionDtoV1": { "required": [ "controlActionContent", "controlActionId", "disabled", "id" ], "type": "object", "properties": { "id": { "type": "string", "format": "uuid" }, "controlActionId": { "type": "string", "format": "uuid" }, "controlActionContent": { "type": "string" }, "controlActionIdx": { "type": "integer", "format": "int32" }, "controlActionLevel": { "type": "integer", "format": "int32" }, "disabled": { "type": "boolean" }, "currentScore": { "$ref": "#/components/schemas/ControlScoreActionScoreDtoV1" }, "targetScore": { "$ref": "#/components/schemas/ControlScoreActionScoreDtoV1" }, "annotation": { "$ref": "#/components/schemas/ControlScoreActionAnnotationPublicDtoV1" } } }, "ControlScoreActionScoreDtoV1": { "required": ["id", "label", "value"], "type": "object", "properties": { "id": { "type": "string", "format": "uuid" }, "value": { "type": "number", "format": "float" }, "label": { "type": "string" } } }, "ControlScoreNotePublicDtoV1": { "type": "object", "properties": { "notes": { "type": "string" }, "notesStr": { "type": "string" }, "lastUpdatedAt": { "type": "string", "format": "date-time" } } }, "ControlScorePublicDtoV1": { "required": [ "assessmentId", "businessImpact", "collaborators", "controlDescription", "controlFamily", "controlId", "controlLabel", "controlScoreActions", "createdAt", "disabled", "id", "parentControlLabel", "threatType" ], "type": "object", "properties": { "id": { "type": "string", "format": "uuid" }, "createdAt": { "type": "string", "format": "date-time" }, "lastUpdatedAt": { "type": "string", "format": "date-time" }, "assessmentId": { "type": "string", "format": "uuid" }, "controlId": { "type": "string", "format": "uuid" }, "controlFamily": { "type": 
"string" }, "controlLabel": { "type": "string" }, "parentControlLabel": { "type": "string" }, "auxiliaryControlLabel": { "type": "string" }, "controlDescription": { "type": "string" }, "controlLevel": { "type": "integer", "format": "int32" }, "currentScore": { "type": "number", "format": "float" }, "assignedTo": { "$ref": "#/components/schemas/UserResponseV1" }, "updatedBy": { "$ref": "#/components/schemas/PrincipalResponseV1" }, "riskImpact": { "type": "integer", "format": "int32" }, "riskLikelihood": { "type": "integer", "format": "int32" }, "targetScore": { "type": "number", "format": "float" }, "dataProtection": { "type": "string", "enum": ["CONFIDENTIALITY", "INTEGRITY", "AVAILABILITY"] }, "threatType": { "type": "array", "items": { "type": "string", "enum": [ "ADVERSARIAL", "ACCIDENTAL", "STRUCTURAL", "ENVIRONMENTAL" ] } }, "businessImpact": { "type": "array", "items": { "type": "string", "enum": [ "REGULATORY_AND_LEGAL", "REPUTATIONAL", "FINANCIAL", "OPERATIONAL" ] } }, "dueDate": { "type": "string", "format": "date-time" }, "collaborators": { "type": "array", "items": { "$ref": "#/components/schemas/UserResponseV1" } }, "financialImpactMin": { "type": "integer", "format": "int32" }, "financialImpactMax": { "type": "integer", "format": "int32" }, "financialImpactMostLikely": { "type": "integer", "format": "int32" }, "completionCostValue": { "type": "integer", "format": "int32" }, "maturityScore": { "type": "number", "format": "double" }, "normalizedCurrentCompliance": { "type": "number", "format": "double" }, "normalizedTargetScore": { "type": "number", "format": "double" }, "workflow": { "$ref": "#/components/schemas/ControlWorkflowPublicDtoV1" }, "disabled": { "type": "boolean" }, "note": { "$ref": "#/components/schemas/ControlScoreNotePublicDtoV1" }, "controlScoreActions": { "type": "array", "items": { "$ref": "#/components/schemas/ControlScoreActionDtoV1" } } } }, "ControlWorkflowPublicDtoV1": { "required": ["id", "isDone", "name"], "type": "object", 
"properties": { "id": { "type": "string", "format": "uuid" }, "name": { "type": "string" }, "isDone": { "type": "boolean" } } }, "PageRiskDashboardResponseV1": { "type": "object", "properties": { "totalElements": { "type": "integer", "format": "int64" }, "totalPages": { "type": "integer", "format": "int32" }, "first": { "type": "boolean" }, "size": { "type": "integer", "format": "int32" }, "content": { "type": "array", "items": { "$ref": "#/components/schemas/RiskDashboardResponseV1" } }, "number": { "type": "integer", "format": "int32" }, "sort": { "$ref": "#/components/schemas/SortObject" }, "numberOfElements": { "type": "integer", "format": "int32" }, "last": { "type": "boolean" }, "pageable": { "$ref": "#/components/schemas/PageableObject" }, "empty": { "type": "boolean" } } }, "RiskDashboardResponseV1": { "required": ["id", "name", "type"], "type": "object", "properties": { "id": { "type": "string", "format": "uuid" }, "name": { "type": "string" }, "type": { "type": "string", "enum": ["FAIR", "NIST", "CYBERINSIGHTS"] }, "assessmentId": { "type": "string", "format": "uuid" } } }, "FrameworkPublicDtoV1": { "required": [ "assessmentScoreMethod", "controlScoreMethod", "csfWeighted", "cybersecurityFrameworkId", "id", "name", "scoreModelId", "status", "type" ], "type": "object", "properties": { "id": { "type": "string", "format": "uuid" }, "name": { "type": "string" }, "version": { "type": "string" }, "type": { "type": "string", "enum": ["Regulatory", "Binary"] }, "description": { "type": "string" }, "status": { "type": "string", "enum": ["Draft", "Published", "Disabled"] }, "cybersecurityFrameworkId": { "type": "string", "format": "uuid" }, "csfWeighted": { "type": "boolean" }, "scoreModelId": { "type": "string", "format": "uuid" }, "controlScoreMethod": { "type": "string", "enum": ["BINARY", "LEVEL", "REGULATORY", "CMMC_2"] }, "assessmentScoreMethod": { "type": "string", "enum": [ "DFARS_171A", "RAW_CONTROL_FAMILY", "RAW_LEVELED_CONTROL_FAMILY", 
"RAW_PARENT_CONTROL_LABEL", "RAW", "CONTROL_FAMILY", "PARENT_CONTROL_LABEL", "CYBERSTRONG", "CMMC_2" ] }, "controlWorkflowOptionSetId": { "type": "string", "format": "uuid" } } }, "ScoreModelPublicDtoV1": { "required": ["id", "name", "values"], "type": "object", "properties": { "id": { "type": "string", "format": "uuid" }, "name": { "type": "string" }, "values": { "type": "array", "items": { "$ref": "#/components/schemas/ScoreModelValuePublicDtoV1" } } } }, "ScoreModelValuePublicDtoV1": { "required": ["id", "label", "order", "value"], "type": "object", "properties": { "id": { "type": "string", "format": "uuid" }, "label": { "type": "string" }, "value": { "type": "number" }, "order": { "type": "integer", "format": "int32" }, "description": { "type": "string" } } }, "FrameworkMetadataFieldPublicDtoV1": { "required": ["id", "label", "required", "type"], "type": "object", "properties": { "id": { "type": "string", "format": "uuid" }, "label": { "type": "string" }, "hint": { "type": "string" }, "type": { "type": "string", "enum": ["TEXT"] }, "required": { "type": "boolean" } } }, "FrameworkMetadataFieldResponseV1": { "required": ["fields"], "type": "object", "properties": { "fields": { "type": "array", "items": { "$ref": "#/components/schemas/FrameworkMetadataFieldPublicDtoV1" } } } }, "ControlActionPublicDtoV1": { "required": ["content", "id"], "type": "object", "properties": { "content": { "type": "string" }, "level": { "type": "integer", "format": "int32" }, "id": { "type": "string", "format": "uuid" } } }, "ControlPublicDtoV1": { "required": [ "controlFamily", "controlLabel", "description", "id", "parentControlLabel" ], "type": "object", "properties": { "id": { "type": "string", "format": "uuid" }, "controlFamily": { "type": "string" }, "controlLabel": { "type": "string" }, "parentControlLabel": { "type": "string" }, "auxiliaryControlLabel": { "type": "string" }, "description": { "type": "string" }, "supplementalGuidance": { "type": "string" }, "evidenceRequired": { 
"type": "string" }, "remediationSteps": { "type": "string" }, "complianceDescription": { "type": "string" }, "level": { "type": "integer", "format": "int32" }, "controlActions": { "type": "array", "items": { "$ref": "#/components/schemas/ControlActionPublicDtoV1" } } } }, "PageControlPublicDtoV1": { "type": "object", "properties": { "totalElements": { "type": "integer", "format": "int64" }, "totalPages": { "type": "integer", "format": "int32" }, "first": { "type": "boolean" }, "size": { "type": "integer", "format": "int32" }, "content": { "type": "array", "items": { "$ref": "#/components/schemas/ControlPublicDtoV1" } }, "number": { "type": "integer", "format": "int32" }, "sort": { "$ref": "#/components/schemas/SortObject" }, "numberOfElements": { "type": "integer", "format": "int32" }, "last": { "type": "boolean" }, "pageable": { "$ref": "#/components/schemas/PageableObject" }, "empty": { "type": "boolean" } } }, "EvidencePublicDtoV1": { "required": [ "assessmentId", "controlId", "controlScoreId", "id", "location", "name" ], "type": "object", "properties": { "id": { "type": "string", "format": "uuid" }, "createdAt": { "type": "string", "format": "date-time" }, "createdBy": { "$ref": "#/components/schemas/UserResponseV1" }, "name": { "type": "string" }, "location": { "type": "string" }, "controlScoreId": { "type": "string", "format": "uuid" }, "assessmentId": { "type": "string", "format": "uuid" }, "controlId": { "type": "string", "format": "uuid" }, "lastUpdatedAt": { "type": "string", "format": "date-time" }, "lastUpdatedBy": { "$ref": "#/components/schemas/UserResponseV1" } } }, "PageEvidencePublicDtoV1": { "type": "object", "properties": { "totalElements": { "type": "integer", "format": "int64" }, "totalPages": { "type": "integer", "format": "int32" }, "first": { "type": "boolean" }, "size": { "type": "integer", "format": "int32" }, "content": { "type": "array", "items": { "$ref": "#/components/schemas/EvidencePublicDtoV1" } }, "number": { "type": "integer", 
"format": "int32" }, "sort": { "$ref": "#/components/schemas/SortObject" }, "numberOfElements": { "type": "integer", "format": "int32" }, "last": { "type": "boolean" }, "pageable": { "$ref": "#/components/schemas/PageableObject" }, "empty": { "type": "boolean" } } }, "AssessmentPublicDtoV1": { "required": [ "controlScores", "createdAt", "frameworkId", "frameworkName", "frameworkType", "id", "identifier", "name", "percentComplete" ], "type": "object", "properties": { "id": { "type": "string", "format": "uuid" }, "name": { "type": "string" }, "frameworkId": { "type": "string", "format": "uuid" }, "frameworkName": { "type": "string" }, "frameworkType": { "type": "string", "enum": ["Regulatory", "Binary"] }, "frameworkVersion": { "type": "string" }, "createdAt": { "type": "string", "format": "date-time" }, "score": { "type": "number" }, "owner": { "$ref": "#/components/schemas/UserResponseV1" }, "percentComplete": { "type": "integer", "format": "int32" }, "lastUpdatedAt": { "type": "string", "format": "date-time" }, "identifier": { "type": "string" }, "targetScore": { "type": "number" }, "controlScores": { "type": "array", "items": { "$ref": "#/components/schemas/ControlScorePublicDtoV1" } } } }, "PageAssessmentPublicDtoV1": { "type": "object", "properties": { "totalElements": { "type": "integer", "format": "int64" }, "totalPages": { "type": "integer", "format": "int32" }, "first": { "type": "boolean" }, "size": { "type": "integer", "format": "int32" }, "content": { "type": "array", "items": { "$ref": "#/components/schemas/AssessmentPublicDtoV1" } }, "number": { "type": "integer", "format": "int32" }, "sort": { "$ref": "#/components/schemas/SortObject" }, "numberOfElements": { "type": "integer", "format": "int32" }, "last": { "type": "boolean" }, "pageable": { "$ref": "#/components/schemas/PageableObject" }, "empty": { "type": "boolean" } } }, "AssessmentCsfScoresResponseV1": { "required": ["functions"], "type": "object", "properties": { "functions": { "type": "array", 
"items": { "$ref": "#/components/schemas/CsfFunctionResponseV1" } } } }, "CsfCategoryResponseV1": { "required": ["current", "label", "subcategories", "target"], "type": "object", "properties": { "label": { "type": "string" }, "uniqueIdentifier": { "type": "string" }, "current": { "type": "number" }, "target": { "type": "number" }, "targetControlsInCalculation": { "type": "integer", "format": "int32" }, "currentControlsInCalculation": { "type": "integer", "format": "int32" }, "subcategories": { "type": "array", "items": { "$ref": "#/components/schemas/CsfSubcategoryResponseV1" } } } }, "CsfFunctionResponseV1": { "required": ["categories", "current", "label", "target"], "type": "object", "properties": { "label": { "type": "string" }, "current": { "type": "number" }, "target": { "type": "number" }, "categories": { "type": "array", "items": { "$ref": "#/components/schemas/CsfCategoryResponseV1" } } } }, "CsfSubcategoryResponseV1": { "required": ["current", "label", "target"], "type": "object", "properties": { "label": { "type": "string" }, "current": { "type": "number" }, "target": { "type": "number" } } }, "AssessmentMetadataFieldValuePublicDtoV1": { "required": ["frameworkMetadataFieldId", "id", "label"], "type": "object", "properties": { "id": { "type": "string", "format": "uuid" }, "value": { "type": "string" }, "label": { "type": "string" }, "frameworkMetadataFieldId": { "type": "string", "format": "uuid" } } }, "AssessmentMetadataFieldsResponseV1": { "required": ["values"], "type": "object", "properties": { "values": { "type": "array", "items": { "$ref": "#/components/schemas/AssessmentMetadataFieldValuePublicDtoV1" } } } }, "PageControlScorePublicDtoV1": { "type": "object", "properties": { "totalElements": { "type": "integer", "format": "int64" }, "totalPages": { "type": "integer", "format": "int32" }, "first": { "type": "boolean" }, "size": { "type": "integer", "format": "int32" }, "content": { "type": "array", "items": { "$ref": 
"#/components/schemas/ControlScorePublicDtoV1" } }, "number": { "type": "integer", "format": "int32" }, "sort": { "$ref": "#/components/schemas/SortObject" }, "numberOfElements": { "type": "integer", "format": "int32" }, "last": { "type": "boolean" }, "pageable": { "$ref": "#/components/schemas/PageableObject" }, "empty": { "type": "boolean" } } } } } }