sentinelone-app-risks
Enumerate application risks (CVEs) detected on endpoints in the SentinelOne service.
sentinelone-app-risks [profile=PROFILE]
- profile=PROFILE
- Connect profile code of SentinelOne
Output Fields
| Field | Type | Name | Description |
|---|---|---|---|
| _time | Date | Detection time | e.g. 2025-12-12 19:05:53+0900 |
| profile | String | Connect profile | e.g. sentinelone |
| app_id | String | Application ID | e.g. 1234567890123456789 |
| name | String | Application name | e.g. 7-Zip 16.04 |
| vendor | String | Vendor | e.g. Igor Pavlov |
| app_type | String | Application type | |
| highest_severity | String | Highest severity | Critical, High, Medium, Low, None |
| highest_nvd_base_score | String | Highest NVD base score | e.g. 8.80 |
| highest_risk_score | String | Highest risk score | |
| cve_count | Integer | Number of CVEs | e.g. 10 |
| endpoint_count | Integer | Number of endpoints | e.g. 1 |
| endpoints_without_ticket | Integer | Endpoints without ticket | |
| days_detected | Integer | Days from detection | e.g. 144 |
| detection_date | Date | Detection date | e.g. 2025-12-12 19:05:53+0900 |
| exploited_in_the_wild | String | Exploited in the wild | |
| exploit_code_maturity | String | Exploit code maturity | |
| remediation_level | String | Remediation level | |
| estimate | Boolean | Estimate | e.g. false |