VA Tests domain

Reports on tests that are available for security assessments.

Available to roles: admin

Assessment Tests Entity

This entity contains entries for available tests.

Attribute Description
Test Description Text description of the test
Test Type Type of assessment test (Observed, Predefined, Custom, Query based, CVE)
Datasource Type Type of Datasource (DB2®, Informix®, MYSQL, ORACLE, SYBASE, etc.)
Threshold User defined threshold, to override the value define upon the test’s creation
Threshold Default Value Default threshold that defines the success/fail criteria
Severity Severity of the assessment (Critical, Major, Minor, Caution, Info)
Category Category of the assessment (Privilege, Authentication, Configuration, Version, Other)
Timestamp Timestamp test was created

SQL Based Assessment Definition

This entity describes a SQL based assessment definition

Attribute Description
Bind Out Var Optional. Determines if the entered text in SQL statement is a procedural block of code that will return a value that should be bound to an internal Guardium® variable that will be used in the comparison to the Compare to value.
Compare To Value Compare value that will be used to compare against the return value from the SQL statement using the compare operator.
External Reference Reference to the Center for Internet Security (CIS) or Common Vulnerabilities and Exposures (CVE).
Operator Operator that will be used for the condition.
Recommendation Text Fail The Recommended text for fail that will be displayed when the test fails.
Recommendation Text Pass The Recommended text for pass that will be displayed when the test passes.
Result Text Fail The Result text for fail that will be displayed when the test fails.
Result Text Pass The Result text for pass that will be displayed when the test passes.
Return Type The Return type that will be returned from the SQL statement.
Short Description The short description for the assessment test.
SQL For Details A SQL Statement for Detail, a SQL statement that retrieves a list of strings to generate a detail string of Detail prefix + list of strings.
SQL The SQL statement that will be executed for the test.