{ "$schema": "https://json-structure.org/meta/core/v0/#", "$id": "https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/sspm-api-posture-check-structure.json", "name": "PostureCheck", "description": "PostureCheck schema from Palo Alto Networks SaaS Security Posture Management API", "type": "object", "properties": { "check_id": { "type": "string", "description": "Unique identifier of the posture check result." }, "app_id": { "type": "string", "description": "ID of the onboarded application this check applies to." }, "check_name": { "type": "string", "description": "Name of the security posture check." }, "check_type": { "type": "string", "description": "Category of the posture check.", "enum": [ "access_control", "authentication", "data_protection", "logging", "network_security", "configuration" ] }, "severity": { "type": "string", "description": "Severity level if the check fails.", "enum": [ "informational", "low", "medium", "high", "critical" ] }, "status": { "type": "string", "description": "Current result status of the check.", "enum": [ "pass", "fail", "error", "suppressed" ] }, "description": { "type": "string", "description": "Description of what the check evaluates." }, "remediation": { "type": "string", "description": "Step-by-step remediation guidance for failed checks." }, "compliance_frameworks": { "type": "array", "description": "Compliance frameworks this check maps to (e.g., CIS, SOC2, ISO27001).", "items": { "type": "string" } }, "last_evaluated_at": { "type": "datetime", "description": "Timestamp when the check was last evaluated." }, "suppression_justification": { "type": "string", "description": "Justification text if the check is suppressed." } } }