- What format should I use for sending timestamps?
Any field marked as date-time must conform to the RFC3339 format (e.g. “2022-06-15T12:32:44Z”).
Vanta does not retain fractional seconds in timestamps.
- How does severity for vulnerabilities map to classification (low, medium, high and critical)?
Vulnerability resources correspond to known CVEs. CVE severities map to classifications as follows:
0.1-3.9: Low
4.0-6.9: Medium
7.0-8.9: High
9.0-10.0: Critical
Updated 9 months ago