Type: Product
The Product model
The Product model contains all the information about a product, such as its name, description, and icon URL. Products can have Sub-Products or Artifacts (referred to as "Components") to represent complex Product hierarchies, or Solutions that encompass multiple systems. (Up to 7 levels)
Querying for Products
You can query for products using the allProducts query. This query takes a filter argument of type ProductFilter that you can use to filter the returned products.
Example
Getting all products that have a name that starts with "Energetic."
query AllEnergeticProducts(
$filter: ProductFilter!
) {
allProducts(
filter: $filter
) {
id
name
createdAt
}
}
Example
Getting all products in a specific Business Unit. Note there are two separate example filters - one based on the Business Unit ID and one based on the Business Unit ID, the other based on the Business Unit Name.
query AllProductsInBusinessUnit (
$filter: ProductFilter
) {
allProducts(
filter: $filter
) {
id
name
createdAt
businessUnits {
id
name
}
}
}
}
A “Product” is flexible entity, and is the basis for the Product Security lifecycle. It may represent something that a company sells (e.g. has a UPC code), a software product that your teams built internally or acquired from a vendor or open source, or a complex solution made up multiple devices. A product can have child products, and can be a hierarchy. Products are associated with Artifacts, which represent the security information about the product. The product may have a name, model number, or SKU or may have a standardized identifier (e.g. SWID, purl, or CPE).
Related Inputs
Related Queries
- Product
- ProductFamily
- _allProductFamiliesMeta
- _allProductsMeta
- _flexSearchProductFamiliesMeta
- _flexSearchProductsMeta
- allProductFamilies
- allProducts
- flexSearchProductFamilies
- flexSearchProducts
Related Filters
Related Mutations
Properties
| Name | Type | Description |
|---|---|---|
| _allInnerChildrenMeta | _QueryMeta | A flattened list of children (returns a maximum of 7 layers deep). |
| _assetStatusesMeta | _QueryMeta | All of the processing statuses associated with this product's assets |
| _assetsMeta | _QueryMeta | Which assets this product depends on |
| _businessUnitsMeta | _QueryMeta | The additional Groups or Business Units this product has been shared with |
| _childrenMeta | _QueryMeta | Children or sub-products of the Product. This is the basis of a product hierarchy. |
| _cursor | String | Provides a value that can be supplied to the |
| _operatingSystemsMeta | _QueryMeta | Operating Systems associated with the product; these may be added by users, or by automatic detection by the system |
| _processingStatusesMeta | _QueryMeta | Any kind of processing currently occurring on the product |
| _revision | ID | An identifier that is updated automatically on each update of this root entity (but not on relation changes) |
| _tagsMeta | _QueryMeta | The user-assigned tags for this Product |
| _testsMeta | _QueryMeta | All of the tests associated with this product's assets |
| absoluteRiskScore | Float | The absolute risk score computed for the Product. This score is an aggregated score of all sub-products and Artifacts associated with the Product. |
| allInnerChildren | [Product] | A flattened list of children (returns a maximum of 7 layers deep). |
| architectures | [String] | Instruction Set Architectures (ISAs) associated with the product; these may be added by users, or by automatic detection by the system; e.g. x86, x64, ARM, Renesas, etc. |
| assetStatuses | [ProcessingStatus] | All of the processing statuses associated with this product's assets |
| assets | [AssetVersion] | Which assets this product depends on |
| businessUnits | [Group] | The additional Groups or Business Units this product has been shared with |
| children | [Product] | Children or sub-products of the Product. This is the basis of a product hierarchy. |
| compilers | [String] | Compilers used to build the software for the product; these may be added by users, or by automatic detection by the system; e.g. GCC, Clang, etc. |
| createdAt | DateTime | The instant this object has been created |
| createdBy | User | The user who created this product in Finite State |
| ctx | EntityCtx | Context contains fields that are accessible to the permissions profile. This is an internal field related to user permissions. |
| deletedAt | DateTime | Timestamp of when this product was deleted |
| description | String | A description of the product |
| environmentalControls | EnvironmentalControls | Environmental controls that are used to describe the product or its environment when deployed; these values may be set by users, or by automatic detection. This is an experimental field and subject to change. |
| group | Group | The group or Business Unit responsible for the Product Security or development of the Product. |
| icon | String | URL pointing to an icon associated with this product |
| id | ID | An auto-generated string that identifies this root entity uniquely among others of the same type |
| image | String | URL pointing to an image of this product |
| name | String | |
| operatingSystems | [OperatingSystemInstance] | Operating Systems associated with the product; these may be added by users, or by automatic detection by the system |
| parent | Product | Parent product of this product |
| processingStatuses | [ProcessingStatus] | Any kind of processing currently occurring on the product |
| productFamily | ProductFamily | Product Family (e.g. Cisco Catalyst, Cisco IOS, Cisco ASA, etc.) |
| productIdentifiers | ProductIdentifiers | Product Identifiers (such as purl, CPE, SWID, UPC, GTIN) are used to link a product to known vulnerabilities, security advisories, and other product information, and generally uniquely identify a specific instance of a product. These may be added by users, or by automatic detection by the system. |
| programmingLanguages | [String] | Programming Language(s) used to build the software for the product; these may be added by users, or by automatic detection by the system; e.g. C, C++, Java, Python, etc. |
| relativeRiskScore | Float | The relative risk score computed for the Product. This score is an aggregated score of all sub-products and Artifacts associated with the Product. |
| securityOwner | User | The user who is the security owner for this product (typically a member of the Product Security team). |
| tags | [Tag] | The user-assigned tags for this Product |
| tests | [Test] | All of the tests associated with this product's assets |
| updatedAt | DateTime | The instant this object has been updated the last time (not including relation updates) |
| url | String | The URL for the product's homepage, if it has one |
| vendor | Vendor | Vendor of the product; these may be added by users, or by automatic detection by the system; e.g. Cisco, HP, etc. The Vendor may be the same company as the Organization in Finite State, or could be a third party vendor or open source community. |
This page was generated: 2024-11-06