Package security.whisper.javastix.sdo.objects

Interface IncidentSdo

All Superinterfaces:
BundleableObject, DomainObject, SdoDefaultValidator, Serializable, Stix, StixCommonProperties, StixCustomProperties, StixLabels, StixModified, StixRevoked, StixSpecVersion
All Known Implementing Classes:
Incident
@Immutable @DefaultTypeValue(value="incident", groups=DefaultValuesProcessor.class) @Redactable public interface IncidentSdo extends DomainObject
incident

An Incident object describes a security incident that occurred or is in progress. It includes information about the impact, the actors involved, and the timeline of the incident.

  • Method Details

    • getName

      @NotBlank @JsonPropertyDescription("A name used to identify the Incident.") @Redactable @NotBlank String getName()

    • getDescription

      @JsonPropertyDescription("A description that provides more details and context about the Incident, potentially including its impact and handling.") @Redactable Optional<String> getDescription()

    • getKillChainPhases

      @JsonPropertyDescription("The list of kill chain phases for which this Incident is used.") @Size(min=1) @Redactable @Size(min=1) Set<KillChainPhaseType> getKillChainPhases()

    • getFirstSeen

      @JsonPropertyDescription("The time that this Incident was first seen.") @Redactable Optional<StixInstant> getFirstSeen()

    • getLastSeen

      @JsonPropertyDescription("The time that this Incident was last seen.") @Redactable Optional<StixInstant> getLastSeen()

    • getImpact

      @JsonPropertyDescription("A description of the impact or potential impact of the Incident.") @Redactable Optional<String> getImpact()