VA Tests domain
Reports on tests that are available for security assessments.
Available to roles: admin
Assessment Tests Entity
This entity contains entries for available tests.
| Attribute | Description |
|---|---|
| Test Description | Text description of the test |
| Test Type | Type of assessment test (Observed, Predefined, Custom, Query based, CVE) |
| Datasource Type | Type of Datasource (DB2®, Informix®, MYSQL, ORACLE, SYBASE, etc.) |
| Threshold | User defined threshold, to override the value define upon the test’s creation |
| Threshold Default Value | Default threshold that defines the success/fail criteria |
| Severity | Severity of the assessment (Critical, Major, Minor, Caution, Info) |
| Category | Category of the assessment (Privilege, Authentication, Configuration, Version, Other) |
| Timestamp | Timestamp test was created |
SQL Based Assessment Definition
This entity describes a SQL based assessment definition
| Attribute | Description |
|---|---|
| Bind Out Var | Optional. Determines if the entered text in SQL statement is a procedural block of code that will return a value that should be bound to an internal Guardium® variable that will be used in the comparison to the Compare to value. |
| Compare To Value | Compare value that will be used to compare against the return value from the SQL statement using the compare operator. |
| External Reference | Reference to the Center for Internet Security (CIS) or Common Vulnerabilities and Exposures (CVE). |
| Operator | Operator that will be used for the condition. |
| Recommendation Text Fail | The Recommended text for fail that will be displayed when the test fails. |
| Recommendation Text Pass | The Recommended text for pass that will be displayed when the test passes. |
| Result Text Fail | The Result text for fail that will be displayed when the test fails. |
| Result Text Pass | The Result text for pass that will be displayed when the test passes. |
| Return Type | The Return type that will be returned from the SQL statement. |
| Short Description | The short description for the assessment test. |
| SQL For Details | A SQL Statement for Detail, a SQL statement that retrieves a list of strings to generate a detail string of Detail prefix + list of strings. |
| SQL | The SQL statement that will be executed for the test. |