Back to Home
Artifact Types
57 OCSF-aligned artifact types with cloud provider mappings
57
Artifact Types
6
Categories
4
Providers
OCSF 1.2.0
Schema Version
Provider Coverage
AWS
24artifact types
Azure
21artifact types
GCP
21artifact types
Kubernetes
5artifact types
Compute
(10 types)| Artifact Type | OCSF Class | Providers |
|---|---|---|
| EC2 Instance | compute | AWS |
| Virtual Machine | compute | Azure |
| Compute Instance | compute | GCP |
| Lambda Function | compute | AWS |
| Azure Function | compute | Azure |
| Cloud Function | compute | GCP |
| App Service | compute | Azure |
| Cloud Run | compute | GCP |
| ECS Task | compute | AWS |
| Batch Job | compute | AWSAzureGCP |
Storage
(9 types)| Artifact Type | OCSF Class | Providers |
|---|---|---|
| S3 Bucket | storage | AWS |
| Blob Storage | storage | Azure |
| Cloud Storage Bucket | storage | GCP |
| EBS Volume | storage | AWS |
| Managed Disk | storage | Azure |
| Persistent Disk | storage | GCP |
| EFS File System | storage | AWS |
| Azure Files | storage | Azure |
| Filestore | storage | GCP |
Network
(10 types)| Artifact Type | OCSF Class | Providers |
|---|---|---|
| VPC | network | AWSGCP |
| Virtual Network | network | Azure |
| Security Group | network | AWS |
| Network Security Group | network | Azure |
| Firewall Rule | network | GCP |
| Load Balancer | network | AWSAzureGCP |
| NAT Gateway | network | AWSAzureGCP |
| VPN Gateway | network | AWSAzureGCP |
| Route Table | network | AWSAzureGCP |
| Subnet | network | AWSAzureGCP |
Identity
(8 types)| Artifact Type | OCSF Class | Providers |
|---|---|---|
| IAM User | identity | AWS |
| IAM Role | identity | AWS |
| IAM Policy | identity | AWS |
| Service Principal | identity | Azure |
| Managed Identity | identity | Azure |
| Service Account | identity | GCP |
| IAM Binding | identity | GCP |
| Access Key | identity | AWS |
Database
(10 types)| Artifact Type | OCSF Class | Providers |
|---|---|---|
| RDS Instance | database | AWS |
| Aurora Cluster | database | AWS |
| DynamoDB Table | database | AWS |
| Azure SQL Database | database | Azure |
| Cosmos DB | database | Azure |
| Cloud SQL | database | GCP |
| Cloud Spanner | database | GCP |
| Firestore | database | GCP |
| ElastiCache | database | AWS |
| Redis Cache | database | Azure |
Container
(10 types)| Artifact Type | OCSF Class | Providers |
|---|---|---|
| EKS Cluster | container | AWS |
| AKS Cluster | container | Azure |
| GKE Cluster | container | GCP |
| ECR Repository | container | AWS |
| Container Registry | container | AzureGCP |
| Pod | container | Kubernetes |
| Deployment | container | Kubernetes |
| Service | container | Kubernetes |
| ConfigMap | container | Kubernetes |
| Secret | container | Kubernetes |
OCSF Alignment
All artifact types are aligned with the Open Cybersecurity Schema Framework (OCSF) 1.2.0. This ensures interoperability with security tools and platforms that adopt the OCSF standard for event and artifact representation.