Palo Alto Networks · JSON Structure

Sspm Api Posture Check Structure

PostureCheck schema from Palo Alto Networks SaaS Security Posture Management API

Type: object Properties: 11
Cloud SecurityCybersecurityFirewallNetwork SecuritySASESOARThreat IntelligenceXDR

PostureCheck is a JSON Structure definition published by Palo Alto Networks, describing 11 properties. It conforms to the https://json-structure.org/meta/core/v0/# meta-schema.

Properties

check_id app_id check_name check_type severity status description remediation compliance_frameworks last_evaluated_at suppression_justification

Meta-schema: https://json-structure.org/meta/core/v0/#

JSON Structure

Raw ↑ 
{
  "$schema": "https://json-structure.org/meta/core/v0/#",
  "$id": "https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/sspm-api-posture-check-structure.json",
  "name": "PostureCheck",
  "description": "PostureCheck schema from Palo Alto Networks SaaS Security Posture Management API",
  "type": "object",
  "properties": {
    "check_id": {
      "type": "string",
      "description": "Unique identifier of the posture check result."
    },
    "app_id": {
      "type": "string",
      "description": "ID of the onboarded application this check applies to."
    },
    "check_name": {
      "type": "string",
      "description": "Name of the security posture check."
    },
    "check_type": {
      "type": "string",
      "description": "Category of the posture check.",
      "enum": [
        "access_control",
        "authentication",
        "data_protection",
        "logging",
        "network_security",
        "configuration"
      ]
    },
    "severity": {
      "type": "string",
      "description": "Severity level if the check fails.",
      "enum": [
        "informational",
        "low",
        "medium",
        "high",
        "critical"
      ]
    },
    "status": {
      "type": "string",
      "description": "Current result status of the check.",
      "enum": [
        "pass",
        "fail",
        "error",
        "suppressed"
      ]
    },
    "description": {
      "type": "string",
      "description": "Description of what the check evaluates."
    },
    "remediation": {
      "type": "string",
      "description": "Step-by-step remediation guidance for failed checks."
    },
    "compliance_frameworks": {
      "type": "array",
      "description": "Compliance frameworks this check maps to (e.g., CIS, SOC2, ISO27001).",
      "items": {
        "type": "string"
      }
    },
    "last_evaluated_at": {
      "type": "datetime",
      "description": "Timestamp when the check was last evaluated."
    },
    "suppression_justification": {
      "type": "string",
      "description": "Justification text if the check is suppressed."
    }
  }
}