Host Finding

This documentation is currently outdated and in the process of being updated. This documentation is provided as a temporary reference to various API endpoints and output. This warning will be at the top of each outdated page. As the documentation is updated, this warning will be removed.

Creating a Host Finding

Create host finding.

API Call: POST/client/{clientId}/hostFinding

URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding

URL Parameters

Name Description Additional Information
PLATFORM Platform number. If you are on platform 1, you do not need to put a number.
CLIENTID Client ID number. Finding Your Client ID

User Roles

The user role that can create a host finding is:

  • Manager

API Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token

cURL

cURL Sample create_hostFinding Snippet

Copy

curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding"
  -H  "accept: application/json"
  -H  "x-api-key: <APIKEY>"
  -H  "Content-Type: application/json"
  -d "{  \"hostId\": [    <HOSTID>, <HOSTID>  ],  \"assessmentId\": <ASSESSMENTID>,  \"severity\": <SEVERITY>,  \"sourceId\": \"<SOURCEID>\",  \"scannerUuid\": \"<SCANNERUUID>\",  \"title\": \"<TITLE>\",  \"type\": \"<TYPE>\",  \"description\": \"<DESCRIPTION>\",  \"solution\": \"<SOLUTION>\",  \"synopsis\": \"S<SYNOPSIS>\",  \"service\": {    \"portNumber\": <PORTNUMBER>,    \"name\": \"<PORTNAME>\"  },  \"cveId\": \"<CVEID>\",  \"cveIds\": [    \"<CVEIDS>\",    \"<CVEIDS>\"  ]}"

cURL Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token
HOSTID Host ID number.
ASSESSMENTID Assessment ID number.
SEVERITY Host finding severity.
SOURCEID Source ID.
SCANNERUUID Scanner UUID.
TITLE Host finding title.
TYPE Type of host finding.
DESCRIPTION Host finding description.
SOLUTION Host finding solution.
SYNOPSIS Host finding synopsis.
PORTNUMBER Port number
PORTNAME Port name.
CVEID CVE ID.
CVEIDS CVE IDs.

Response Parameters

Sample Response

Copy

{
  "id": <ID>,
  "created": "<CREATED>"
}

Name Description Additional Information
ID Job ID number. integer
Created Date/Time job created. string($date-time)

HTTP Status Codes

Code Description
201 Success

201 Sample Response

Copy

{
  "id": 0,
  "created": "2019-09-23T10:02:19.711Z"
}
Code Description
400 User Error
Copy

{
  "status": 0,
  "path": "string",
  "errors": [
    {
      "field": "string",
      "code": "string"
    }
  ]
}
Code Description
401 Unauthorized
409 Conflict

Updating a Host Finding

API Call: PUT/client/{clientId}/hostFinding/{hostFindingId}

URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/<HOSTFINDINGID>

URL Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token
HOSTFINDINGID Host finding ID number.

User Roles

The user role that can update a host finding is:

  • Manager

Python

Python Sample update_hostFinding Snippet

Copy

import json
import requests

platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>
hostfinding_id = <INSERT HOST FINDING ID HERE>

header = {
    "x-api-key": api_key,
    "content-type": "application/json"
}

body = {
    "title": "Example Title",
    "description": "Example Description",
    "solution": "Example Solution",
    "synopsis": "Example Synopsis"
}

url = platform + "/api/v1/client/" + str(client_id) + "/hostFinding/" + str(hostfinding_id)

response = requests.put(url, headers=header, data=json.dumps(body))

Python Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token

cURL

cURL Sample update_hostFinding Snippet

Copy

curl -X PUT "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/<HOSTFINDINGID>"
  -H  "accept: application/json"
  -H  "x-api-key: <APIKEY>"
  -H  "Content-Type: application/json"
  -d "{  \"title\": \"<TITLE>\",  \"description\": \"<DESCRIPTION>\",  \"solution\": \"<SOLUTION>\",  \"synopsis\": \"<SYNOPSIS>\"}"

cURL Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token
TITLE Host finding title.
DESCRIPTION Host finding description.
SOLUTION Host finding solution.
SYNOPSIS Host finding synopsis.

Response Parameters

Sample Response

Copy

{
  "id": <ID>,
  "created": "<CREATED>"
}

Name Description Additional Information
ID Job ID number. integer
Created Date/Time job created. string($date-time)

HTTP Status Codes

Code Description
201 Success

201 Sample Response

Copy
 
{
  "id": 0,
  "created": "2019-09-23T19:12:41.243Z"
}

Code Description
400 User Error

400 Sample Response

Copy
 
{
  "status": 0,
  "path": "string",
  "errors": [
    {
      "field": "string",
      "code": "string"
    }
  ]
}

Code Description
401 User Error
403 Forbidden
404 Not Found

Listing Host Finding Projections and Their Models

API Call: GET/client/{clientId}/hostFinding/model

URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/model

URL Parameters

Name Description Notes
PLATFORM Platform number. If you are on platform 1, you do not need to put a number.
CLIENTID Client ID number. Finding Your Client ID

Python

Python Sample hostFinding_projection Snippet

Copy

import requests

platform = 'http://platform<PLATFORM>.risksense.com'
api_key = '<APIKEY>'
client_id = <CLIENTID>

header = {
    "x-api-key": api_key,
    "content-type": "application/json"
}

url = platform + "/api/v1/client/" + str(client_id) + "/hostFinding/model"

response = requests.get(url, headers=header)

Python Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token

cURL

cURL Sample hostFinding_projection Snippet

Copy

curl -X GET "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/model"
  -H  "accept: application/json"
  -H  "x-api-key: <APIKEY>"

cURL Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token

Response Parameters

Sample Response

Copy

{
  "subject": "hostFinding",
  "projections": [
    {
      "name": "basic",
      "fields": [
        {
          "field": "id",
          "type": "int",
          "nested": []
        },
        {
          "field": "title",
          "type": "string",
          "nested": []
        },
        {
          "field": "risk",
          "type": "double",
          "nested": []
        },
        {
          "field": "severity",
          "type": "double",
          "nested": []
        },
        {
          "field": "xrs3Impact",
          "type": "Object",
          "nested": []
        },
        {
          "field": "xrs3ImpactOnCategory",
          "type": "Object",
          "nested": []
        },
        {
          "field": "scannerReported",
          "type": "string",
          "nested": []
        },
        {
          "field": "cvssV2",
          "type": "double",
          "nested": []
        },
        {
          "field": "cvssV3",
          "type": "double",
          "nested": []
        },
        {
          "field": "state",
          "type": "string",
          "nested": []
        },
        {
          "field": "status",
          "type": "string",
          "nested": []
        },
        {
          "field": "groupId",
          "type": "int",
          "nested": []
        },
        {
          "field": "portId",
          "type": "int",
          "nested": []
        },
        {
          "field": "hostname",
          "type": "string",
          "nested": []
        },
        {
          "field": "ip",
          "type": "string",
          "nested": []
        },
        {
          "field": "criticality",
          "type": "int",
          "nested": []
        },
        {
          "field": "isExternal",
          "type": "boolean",
          "nested": []
        },
        {
          "field": "lastFoundOn",
          "type": "string",
          "nested": []
        },
        {
          "field": "discoveredOn",
          "type": "string",
          "nested": []
        },
        {
          "field": "resolvedOn",
          "type": "string",
          "nested": []
        }
      ]
    },
    {
      "name": "detail",
      "fields": [
        {
          "field": "id",
          "type": "int",
          "nested": []
        },
        {
          "field": "source",
          "type": "string",
          "nested": []
        },
        {
          "field": "sourceId",
          "type": "string",
          "nested": []
        },
        {
          "field": "title",
          "type": "string",
          "nested": []
        },
        {
          "field": "port",
          "type": "int",
          "nested": []
        },
        {
          "field": "description",
          "type": "string",
          "nested": []
        },
        {
          "field": "services",
          "type": "string",
          "nested": []
        },
        {
          "field": "group",
          "type": "EmbeddedGroup",
          "nested": [
            {
              "field": "id",
              "type": "int",
              "nested": []
            },
            {
              "field": "name",
              "type": "string",
              "nested": []
            }
          ]
        },
        {
          "field": "host",
          "type": "EmbeddedHost",
          "nested": [
            {
              "field": "hostId",
              "type": "int",
              "nested": []
            },
            {
              "field": "hostName",
              "type": "string",
              "nested": []
            },
            {
              "field": "ipAddress",
              "type": "string",
              "nested": []
            },
            {
              "field": "criticality",
              "type": "int",
              "nested": []
            },
            {
              "field": "external",
              "type": "boolean",
              "nested": []
            },
            {
              "field": "ports",
              "type": "HostPort",
              "nested": [
                {
                  "field": "id",
                  "type": "int",
                  "nested": []
                },
                {
                  "field": "number",
                  "type": "int",
                  "nested": []
                }
              ]
            }
          ]
        },
        {
          "field": "network",
          "type": "EmbeddedNetwork",
          "nested": [
            {
              "field": "id",
              "type": "int",
              "nested": []
            },
            {
              "field": "name",
              "type": "string",
              "nested": []
            },
            {
              "field": "type",
              "type": "string",
              "nested": []
            }
          ]
        },
        {
          "field": "statusEmbedded",
          "type": "EmbeddedStatus",
          "nested": [
            {
              "field": "state",
              "type": "string",
              "nested": []
            },
            {
              "field": "stateName",
              "type": "string",
              "nested": []
            },
            {
              "field": "stateDescription",
              "type": "string",
              "nested": []
            },
            {
              "field": "status",
              "type": "boolean",
              "nested": []
            },
            {
              "field": "userIds",
              "type": "int[]",
              "nested": []
            },
            {
              "field": "durationInDays",
              "type": "string",
              "nested": []
            },
            {
              "field": "dueDate",
              "type": "string",
              "nested": []
            },
            {
              "field": "expirationDate",
              "type": "string",
              "nested": []
            }
          ]
        },
        {
          "field": "assessments",
          "type": "EmbeddedAssessment",
          "nested": [
            {
              "field": "id",
              "type": "int",
              "nested": []
            },
            {
              "field": "name",
              "type": "string",
              "nested": []
            },
            {
              "field": "date",
              "type": "string",
              "nested": []
            }
          ]
        },
        {
          "field": "assignments",
          "type": "EmbeddedUserDetail",
          "nested": [
            {
              "field": "firstName",
              "type": "string",
              "nested": []
            },
            {
              "field": "lastName",
              "type": "string",
              "nested": []
            },
            {
              "field": "id",
              "type": "int",
              "nested": []
            },
            {
              "field": "receiveEmails",
              "type": "boolean",
              "nested": []
            },
            {
              "field": "email",
              "type": "string",
              "nested": []
            },
            {
              "field": "username",
              "type": "string",
              "nested": []
            }
          ]
        },
        {
          "field": "vulnerabilities",
          "type": "EmbeddedVulnerabilities",
          "nested": [
            {
              "field": "vulnInfoList",
              "type": "EmbeddedVulnerability",
              "nested": [
                {
                  "field": "cve",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "baseScore",
                  "type": "double",
                  "nested": []
                },
                {
                  "field": "threatCount",
                  "type": "int",
                  "nested": []
                },
                {
                  "field": "summary",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "attackVector",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "accessComplexity",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "authentication",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "confidentialityImpact",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "integrity",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "availabilityImpact",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "trending",
                  "type": "boolean",
                  "nested": []
                },
                {
                  "field": "vulnLastTrendingOn",
                  "type": "string",
                  "nested": []
                }
              ]
            },
            {
              "field": "vulnLastTrendingOn",
              "type": "string",
              "nested": []
            },
            {
              "field": "trending",
              "type": "boolean",
              "nested": []
            }
          ]
        },
        {
          "field": "vulnerabilitiesWithV3",
          "type": "EmbeddedVulnerabilityV3",
          "nested": [
            {
              "field": "cve",
              "type": "string",
              "nested": []
            },
            {
              "field": "baseScore",
              "type": "double",
              "nested": []
            },
            {
              "field": "threatCount",
              "type": "int",
              "nested": []
            },
            {
              "field": "summary",
              "type": "string",
              "nested": []
            },
            {
              "field": "attackVector",
              "type": "string",
              "nested": []
            },
            {
              "field": "attackComplexity",
              "type": "string",
              "nested": []
            },
            {
              "field": "privilegesRequired",
              "type": "string",
              "nested": []
            },
            {
              "field": "userInteraction",
              "type": "string",
              "nested": []
            },
            {
              "field": "scope",
              "type": "string",
              "nested": []
            },
            {
              "field": "confidentialityImpact",
              "type": "string",
              "nested": []
            },
            {
              "field": "integrityImpact",
              "type": "string",
              "nested": []
            },
            {
              "field": "availabilityImpact",
              "type": "string",
              "nested": []
            }
          ]
        },
        {
          "field": "threats",
          "type": "EmbeddedThreats",
          "nested": [
            {
              "field": "manualExploits",
              "type": "EmbeddedManualExploit",
              "nested": [
                {
                  "field": "id",
                  "type": "int",
                  "nested": []
                },
                {
                  "field": "title",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "label",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "pii",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "description",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "source",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "isManualExploit",
                  "type": "boolean",
                  "nested": []
                },
                {
                  "field": "easeOfExploit",
                  "type": "string",
                  "nested": []
                }
              ]
            },
            {
              "field": "threats",
              "type": "EmbeddedThreat",
              "nested": [
                {
                  "field": "title",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "category",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "severity",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "description",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "details",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "cves",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "source",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "published",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "updated",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "threatLastTrendingOn",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "trending",
                  "type": "boolean",
                  "nested": []
                }
              ]
            },
            {
              "field": "threatLastTrendingOn",
              "type": "string",
              "nested": []
            },
            {
              "field": "trending",
              "type": "boolean",
              "nested": []
            }
          ]
        },
        {
          "field": "manualFindingReports",
          "type": "EmbeddedManualExploit",
          "nested": [
            {
              "field": "id",
              "type": "int",
              "nested": []
            },
            {
              "field": "title",
              "type": "string",
              "nested": []
            },
            {
              "field": "label",
              "type": "string",
              "nested": []
            },
            {
              "field": "pii",
              "type": "string",
              "nested": []
            },
            {
              "field": "description",
              "type": "string",
              "nested": []
            },
            {
              "field": "source",
              "type": "string",
              "nested": []
            },
            {
              "field": "isManualExploit",
              "type": "boolean",
              "nested": []
            },
            {
              "field": "easeOfExploit",
              "type": "string",
              "nested": []
            }
          ]
        },
        {
          "field": "solution",
          "type": "string",
          "nested": []
        },
        {
          "field": "patches",
          "type": "EmbeddedPatch",
          "nested": [
            {
              "field": "name",
              "type": "string",
              "nested": []
            },
            {
              "field": "url",
              "type": "string",
              "nested": []
            }
          ]
        },
        {
          "field": "tags",
          "type": "EmbeddedTag",
          "nested": [
            {
              "field": "id",
              "type": "int",
              "nested": []
            },
            {
              "field": "name",
              "type": "string",
              "nested": []
            },
            {
              "field": "category",
              "type": "string",
              "nested": []
            },
            {
              "field": "description",
              "type": "string",
              "nested": []
            },
            {
              "field": "created",
              "type": "string",
              "nested": []
            },
            {
              "field": "updated",
              "type": "string",
              "nested": []
            },
            {
              "field": "color",
              "type": "string",
              "nested": []
            }
          ]
        },
        {
          "field": "tagsAsset",
          "type": "EmbeddedTag",
          "nested": [
            {
              "field": "id",
              "type": "int",
              "nested": []
            },
            {
              "field": "name",
              "type": "string",
              "nested": []
            },
            {
              "field": "category",
              "type": "string",
              "nested": []
            },
            {
              "field": "description",
              "type": "string",
              "nested": []
            },
            {
              "field": "created",
              "type": "string",
              "nested": []
            },
            {
              "field": "updated",
              "type": "string",
              "nested": []
            },
            {
              "field": "color",
              "type": "string",
              "nested": []
            }
          ]
        },
        {
          "field": "tickets",
          "type": "EmbeddedTicket",
          "nested": [
            {
              "field": "ticketNumber",
              "type": "string",
              "nested": []
            },
            {
              "field": "ticketStatus",
              "type": "string",
              "nested": []
            },
            {
              "field": "deepLink",
              "type": "string",
              "nested": []
            },
            {
              "field": "type",
              "type": "string",
              "nested": []
            },
            {
              "field": "connectorName",
              "type": "string",
              "nested": []
            },
            {
              "field": "detailedStatus",
              "type": "string",
              "nested": []
            }
          ]
        },
        {
          "field": "notes",
          "type": "EmbeddedNote",
          "nested": [
            {
              "field": "user",
              "type": "EmbeddedUser",
              "nested": [
                {
                  "field": "id",
                  "type": "int",
                  "nested": []
                },
                {
                  "field": "name",
                  "type": "string",
                  "nested": []
                }
              ]
            },
            {
              "field": "note",
              "type": "string",
              "nested": []
            },
            {
              "field": "date",
              "type": "string",
              "nested": []
            }
          ]
        },
        {
          "field": "authScanDetail",
          "type": "EmbeddedAuthScanDetail",
          "nested": [
            {
              "field": "testStatus",
              "type": "string",
              "nested": []
            },
            {
              "field": "technology",
              "type": "string",
              "nested": []
            }
          ]
        },
        {
          "field": "authScanHistory",
          "type": "EmbeddedAuthScanHistory",
          "nested": [
            {
              "field": "assessmentId",
              "type": "int",
              "nested": []
            },
            {
              "field": "testStatus",
              "type": "string",
              "nested": []
            },
            {
              "field": "scanDate",
              "type": "string",
              "nested": []
            }
          ]
        },
        {
          "field": "output",
          "type": "string",
          "nested": []
        },
        {
          "field": "severity",
          "type": "double",
          "nested": []
        },
        {
          "field": "severityEmbedded",
          "type": "EmbeddedSeverityHost",
          "nested": [
            {
              "field": "combined",
              "type": "double",
              "nested": []
            },
            {
              "field": "overridden",
              "type": "boolean",
              "nested": []
            },
            {
              "field": "scanner",
              "type": "string",
              "nested": []
            },
            {
              "field": "cvssV2",
              "type": "double",
              "nested": []
            },
            {
              "field": "cvssV3",
              "type": "double",
              "nested": []
            },
            {
              "field": "aggregated",
              "type": "double",
              "nested": []
            },
            {
              "field": "state",
              "type": "string",
              "nested": []
            },
            {
              "field": "stateName",
              "type": "string",
              "nested": []
            },
            {
              "field": "expirationDate",
              "type": "string",
              "nested": []
            }
          ]
        },
        {
          "field": "riskRating",
          "type": "double",
          "nested": []
        },
        {
          "field": "xrs3Impact",
          "type": "Object",
          "nested": []
        },
        {
          "field": "xrs3ImpactOnCategory",
          "type": "Object",
          "nested": []
        },
        {
          "field": "lastFoundOn",
          "type": "string",
          "nested": []
        },
        {
          "field": "discoveredOn",
          "type": "string",
          "nested": []
        },
        {
          "field": "resolvedOn",
          "type": "string",
          "nested": []
        },
        {
          "field": "scannerName",
          "type": "string",
          "nested": []
        },
        {
          "field": "findingType",
          "type": "string",
          "nested": []
        },
        {
          "field": "machineId",
          "type": "string",
          "nested": []
        },
        {
          "field": "detailedDescription",
          "type": "string",
          "nested": []
        },
        {
          "field": "detailedSolution",
          "type": "string",
          "nested": []
        },
        {
          "field": "cloudSecurityGroups",
          "type": "EmbeddedCloudScannerGroupsModel",
          "nested": [
            {
              "field": "groupId",
              "type": "string",
              "nested": []
            },
            {
              "field": "groupName",
              "type": "string",
              "nested": []
            }
          ]
        },
        {
          "field": "cloudScalingGroups",
          "type": "EmbeddedCloudScannerGroupsModel",
          "nested": [
            {
              "field": "groupId",
              "type": "string",
              "nested": []
            },
            {
              "field": "groupName",
              "type": "string",
              "nested": []
            }
          ]
        },
        {
          "field": "scannerPluginStatus",
          "type": "string",
          "nested": []
        },
        {
          "field": "additionalInfo",
          "type": "JsonNode",
          "nested": []
        }
      ]
    }
  ]
}

HTTP Status Codes

Code Description
200 Ok

200 Sample Response

Copy

{
  "projections": [
    {
      "name": "basic",
      "fields": [
        {
          "field": "id",
          "type": "integer"
        },
        {
          "field": "name",
          "type": "string"
        }
      ]
    }
  ]
}

Code Description
401 Unauthorized
404 Not Found

List Filterable Host Finding Fields

Displays the fields that the search endpoint can filter by.

API Call: GET/client/{clientId}/hostFinding/filter

URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/filter

URL Parameters

Name Description Additional Information
PLATFORM Platform number. If you are on platform 1, you do not need to put a number.
CLIENTID Client ID number. Finding Your Client ID

User Roles

The user roles that can list host finding fields that can be filtered by are:

  • Manager
  • Group Manager
  • User

Python

Python Sample list_hostFindingFields Snippet

Copy

import requests

platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>

header = {
    "x-api-key": api_key,
    "content-type": "application/json"
}

url = platform + "/api/v1/client/" + str(client_id) + "/hostFinding/filter"

response = requests.get(url, headers=header)

Python Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token

cURL

cURL Sample list_hostFindingFields Snippet

Copy

curl -X GET "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/filter"
  -H  "accept: application/json"
  -H  "x-api-key: <APIKEY>"

Make sure to replace the option values here with your own option values.

cURL Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token

Response Parameters

Sample Response

Copy

[
  {
    "name": "Assessment",
    "legacyUid": "assessment_labels",
    "uid": "assessment_labels",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by one or more assessments."
  },
  {
    "name": "Asset Tag",
    "legacyUid": "asset_tags",
    "uid": "asset_tags",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by the tag(s) applied to the host(s) of the vulnerabilities."
  },
  {
    "name": "Assigned To",
    "legacyUid": "assignments",
    "uid": "assignments",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by user assigned to remediate."
  },
  {
    "name": "CVE",
    "legacyUid": "cves",
    "uid": "cves",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by associated CVE(s)."
  },
  {
    "name": "CVSS v2",
    "legacyUid": "cvss2BaseScore",
    "uid": "cvss2BaseScore",
    "operators": [
      "EXACT",
      "IN",
      "RANGE"
    ],
    "type": "double",
    "description": "Filters vulnerabilities by numerical CVSS v2 score."
  },
  {
    "name": "CVSS v2 Access Complexity",
    "legacyUid": "cvss2BaseAC",
    "uid": "cvss2BaseAC",
    "operators": [
      "EXACT",
      "IN"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by CVSS v2 access complexity."
  },
  {
    "name": "CVSS v2 Attack Vector",
    "legacyUid": "cvss2BaseAV",
    "uid": "cvss2BaseAV",
    "operators": [
      "EXACT",
      "IN"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by CVSS v2 attack vector."
  },
  {
    "name": "CVSS v2 Authentication",
    "legacyUid": "cvss2BaseAu",
    "uid": "cvss2BaseAu",
    "operators": [
      "EXACT",
      "IN"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by CVSS v2 authentication."
  },
  {
    "name": "CVSS v2 Availability Impact",
    "legacyUid": "cvss2BaseAI",
    "uid": "cvss2BaseAI",
    "operators": [
      "EXACT",
      "IN"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by CVSS v2 availability impact."
  },
  {
    "name": "CVSS v2 Confidentiality Impact",
    "legacyUid": "cvss2BaseCI",
    "uid": "cvss2BaseCI",
    "operators": [
      "EXACT",
      "IN"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by CVSS v2 confidentiality impact."
  },
  {
    "name": "CVSS v2 Integrity",
    "legacyUid": "cvss2BaseII",
    "uid": "cvss2BaseII",
    "operators": [
      "EXACT",
      "IN"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by CVSS v2 integrity."
  },
  {
    "name": "CVSS v3",
    "legacyUid": "cvss3BaseScore",
    "uid": "cvss3BaseScore",
    "operators": [
      "EXACT",
      "IN",
      "RANGE"
    ],
    "type": "double",
    "description": "Filters vulnerabilities by numerical CVSS v3 score."
  },
  {
    "name": "CVSS v3 Attack Complexity",
    "legacyUid": "cvss3BaseAC",
    "uid": "cvss3BaseAC",
    "operators": [
      "EXACT",
      "IN"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by CVSS v3 attack complexity."
  },
  {
    "name": "CVSS v3 Attack Vector",
    "legacyUid": "cvss3BaseAV",
    "uid": "cvss3BaseAV",
    "operators": [
      "EXACT",
      "IN"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by CVSS v3 attack vector."
  },
  {
    "name": "CVSS v3 Availability",
    "legacyUid": "cvss3BaseA",
    "uid": "cvss3BaseA",
    "operators": [
      "EXACT",
      "IN"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by CVSS v3 availability."
  },
  {
    "name": "CVSS v3 Confidentiality Impact",
    "legacyUid": "cvss3BaseC",
    "uid": "cvss3BaseC",
    "operators": [
      "EXACT",
      "IN"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by CVSS v3 confidentiality impact."
  },
  {
    "name": "CVSS v3 Integrity Impact",
    "legacyUid": "cvss3BaseI",
    "uid": "cvss3BaseI",
    "operators": [
      "EXACT",
      "IN"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by CVSS v3 integrity impact."
  },
  {
    "name": "CVSS v3 Privleges Required",
    "legacyUid": "cvss3BasePR",
    "uid": "cvss3BasePR",
    "operators": [
      "EXACT",
      "IN"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by CVSS v3 privleges required."
  },
  {
    "name": "CVSS v3 Scope",
    "legacyUid": "cvss3BaseS",
    "uid": "cvss3BaseS",
    "operators": [
      "EXACT",
      "IN"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by CVSS v3 scope."
  },
  {
    "name": "CVSS v3 User Interaction",
    "legacyUid": "cvss3BaseUI",
    "uid": "cvss3BaseUI",
    "operators": [
      "EXACT",
      "IN"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by CVSS v3 user interaction."
  },
  {
    "name": "Criticality",
    "legacyUid": "criticality",
    "uid": "criticality",
    "operators": [
      "EXACT",
      "IN"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by criticality"
  },
  {
    "name": "Criticality State",
    "legacyUid": "criticality_state",
    "uid": "criticality_state",
    "operators": [
      "EXACT",
      "IN"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by criticality state"
  },
  {
    "name": "Cve Publish Dates",
    "legacyUid": "cve_publish_dates",
    "uid": "cve_publish_dates",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD",
      "RANGE",
      "GREATER",
      "LESSER"
    ],
    "type": "string",
    "description": "Filters by Cve Publish Date."
  },
  {
    "name": "Discovered On",
    "legacyUid": "discovered_dates",
    "uid": "discovered_dates",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD",
      "RANGE"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by discovered date."
  },
  {
    "name": "Due Date",
    "legacyUid": "due_dates",
    "uid": "due_dates",
    "operators": [
      "EXACT",
      "IN",
      "RANGE"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by assigned remediation date due."
  },
  {
    "name": "Exploit",
    "legacyUid": "exploits",
    "uid": "exploits",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by exploit name(s)."
  },
  {
    "name": "Exploit Category",
    "legacyUid": "exploit_categories",
    "uid": "exploit_categories",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by exploit category."
  },
  {
    "name": "Finding Type",
    "legacyUid": "finding_type",
    "uid": "finding_type",
    "operators": [
      "EXACT",
      "IN"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by finding type."
  },
  {
    "name": "Group",
    "legacyUid": "group_name",
    "uid": "groupName",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities within selected group(s)."
  },
  {
    "name": "Group ID",
    "legacyUid": "groups_id",
    "uid": "groupIds",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities within selected group IDs."
  },
  {
    "name": "Has CVE",
    "legacyUid": "has_cves",
    "uid": "has_cves",
    "operators": [
      "EXACT"
    ],
    "type": "string",
    "description": "Filters vulnerabilities that have CVE"
  },
  {
    "name": "Has Cve Publish Dates",
    "legacyUid": "has_cve_publish_dates",
    "uid": "has_cve_publish_dates",
    "operators": [
      "EXACT"
    ],
    "type": "boolean",
    "description": "Filters vulnerabilities that has a Cve publish dates."
  },
  {
    "name": "Has Default Credentials",
    "legacyUid": "has_default_credentials",
    "uid": "has_default_credentials",
    "operators": [
      "EXACT"
    ],
    "type": "boolean",
    "description": "Filters vulnerabilities by CVEs associated with using default credentials."
  },
  {
    "name": "Has Exploit",
    "legacyUid": "has_exploit",
    "uid": "has_exploit",
    "operators": [
      "EXACT"
    ],
    "type": "boolean",
    "description": "Filters vulnerabilities that have a known exploit in the wild."
  },
  {
    "name": "Has Malware",
    "legacyUid": "has_malware",
    "uid": "has_malware",
    "operators": [
      "EXACT"
    ],
    "type": "boolean",
    "description": "Filters vulnerabilities that have known malware in the wild."
  },
  {
    "name": "Has Manual Exploit",
    "legacyUid": "has_manual_exploit",
    "uid": "has_manual_exploit",
    "operators": [
      "EXACT"
    ],
    "type": "boolean",
    "description": "Filters vulnerabilities by manually verified exploit."
  },
  {
    "name": "Has Note",
    "legacyUid": "has_note",
    "uid": "has_note",
    "operators": [
      "EXACT"
    ],
    "type": "boolean",
    "description": "Filters Host Findings that have an associated note."
  },
  {
    "name": "Has Privilege Escalation Exploit",
    "legacyUid": "has_pe",
    "uid": "has_pe",
    "operators": [
      "EXACT"
    ],
    "type": "boolean",
    "description": "Filters vulnerabilities that have an exploit that can escalate privilege."
  },
  {
    "name": "Has Remote Code Execution Exploit",
    "legacyUid": "has_rce",
    "uid": "has_rce",
    "operators": [
      "EXACT"
    ],
    "type": "boolean",
    "description": "Filters vulnerabilities that have an exploit that can remotely execute code."
  },
  {
    "name": "Has Threat",
    "legacyUid": "has_threat",
    "uid": "has_threat",
    "operators": [
      "EXACT"
    ],
    "type": "boolean",
    "description": "Filters vulnerabilities that have a known threat in the wild."
  },
  {
    "name": "Has Ticket",
    "legacyUid": "HAS_CONNECTOR_TICKET",
    "uid": "HAS_CONNECTOR_TICKET",
    "operators": [
      "EXACT"
    ],
    "type": "boolean",
    "description": "Does the tag have a ticket"
  },
  {
    "name": "Host ID",
    "legacyUid": "host_id",
    "uid": "hostId",
    "operators": [
      "EXACT",
      "IN"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by host ID."
  },
  {
    "name": "Host Name",
    "legacyUid": "host_name",
    "uid": "hostName",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by host name."
  },
  {
    "name": "IP Address",
    "legacyUid": "address",
    "uid": "ipAddress",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD",
      "CIDR"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by host IP address."
  },
  {
    "name": "IP Address Type",
    "legacyUid": "ip_address_type",
    "uid": "ip_address_type",
    "operators": [
      "EXACT"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by the range their hosts ip address falls in."
  },
  {
    "name": "Id",
    "legacyUid": "id",
    "uid": "id",
    "operators": [
      "EXACT",
      "IN"
    ],
    "type": "string",
    "description": ""
  },
  {
    "name": "Last Found On",
    "legacyUid": "lastFoundOn",
    "uid": "lastFoundOn",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD",
      "RANGE"
    ],
    "type": "string",
    "description": ""
  },
  {
    "name": "Malware",
    "legacyUid": "malware",
    "uid": "malware",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by malware name(s)."
  },
  {
    "name": "Manual Exploit",
    "legacyUid": "manual_exploits",
    "uid": "manual_exploits",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by name(s) of manual exploits added by a penetration tester."
  },
  {
    "name": "Manual Finding Report",
    "legacyUid": "manual_finding_reports",
    "uid": "manual_finding_reports",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by name(s) of manual finding reports added by a penetration tester."
  },
  {
    "name": "Manual Finding Report Type",
    "legacyUid": "manual_finding_report_types",
    "uid": "manual_finding_report_types",
    "operators": [
      "EXACT",
      "IN"
    ],
    "type": "string",
    "description": "Filters Host Findings by the type of manual finding reports associated with it"
  },
  {
    "name": "Netbios",
    "legacyUid": "netbios",
    "uid": "netbios",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filter by host netbios"
  },
  {
    "name": "Network",
    "legacyUid": "network_partition_name",
    "uid": "network.name",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by the name of the network partition they belong to."
  },
  {
    "name": "Network Type",
    "legacyUid": "network_partition_type",
    "uid": "network_partition_type",
    "operators": [
      "EXACT",
      "IN"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by the type of network partition they belong to."
  },
  {
    "name": "OS Class",
    "legacyUid": "os_class",
    "uid": "operatingSystem.class",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by operating system class (generally describes operating system hardware)"
  },
  {
    "name": "OS Family",
    "legacyUid": "os_family",
    "uid": "operatingSystem.family",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by operating system family (such as 'Linux' or 'Windows')."
  },
  {
    "name": "OS Vendor",
    "legacyUid": "os_vendor",
    "uid": "operatingSystem.vendor",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by operating system vendor (such as 'Microsoft' or Cisco')."
  },
  {
    "name": "Operating System",
    "legacyUid": "os_name",
    "uid": "operatingSystem.name",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by host's operating system."
  },
  {
    "name": "Owner",
    "legacyUid": "owner",
    "uid": "owner",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filter by asset Owner"
  },
  {
    "name": "Past Due",
    "legacyUid": "past_due",
    "uid": "past_due",
    "operators": [
      "EXACT"
    ],
    "type": "boolean",
    "description": "Filters unmediated vulnerabilities by due date."
  },
  {
    "name": "Patch ID",
    "legacyUid": "source_patch_ids",
    "uid": "source_patch_ids",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters Host Findings by Patch ID"
  },
  {
    "name": "PolicyCompliance:Actual Result",
    "legacyUid": "actual_result",
    "uid": "actual_result",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by actual result."
  },
  {
    "name": "PolicyCompliance:Expected Result",
    "legacyUid": "expected_result",
    "uid": "expected_result",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by expected result."
  },
  {
    "name": "PolicyCompliance:Technology",
    "legacyUid": "technology",
    "uid": "technology",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by technology."
  },
  {
    "name": "PolicyCompliance:Test Status",
    "legacyUid": "test_status",
    "uid": "test_status",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by test status."
  },
  {
    "name": "Port",
    "legacyUid": "port_number",
    "uid": "port",
    "operators": [
      "EXACT",
      "IN",
      "RANGE"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by associated port(s)."
  },
  {
    "name": "Reported Scan Time",
    "legacyUid": "reported_scan_time",
    "uid": "lastScanTime",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "date",
    "description": "Filter by asset's last reported scan time."
  },
  {
    "name": "Resolved On",
    "legacyUid": "resolved_on",
    "uid": "resolved_on",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD",
      "RANGE"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by remediation date."
  },
  {
    "name": "Risk Rating",
    "legacyUid": "riskRating",
    "uid": "riskRating",
    "operators": [
      "EXACT",
      "IN",
      "RANGE"
    ],
    "type": "double",
    "description": "Filters by risk rating."
  },
  {
    "name": "Scanner Name",
    "legacyUid": "scanner_name",
    "uid": "scanner_name",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by scanner name(s)."
  },
  {
    "name": "Scanner Output",
    "legacyUid": "output",
    "uid": "output",
    "operators": [
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters Host Findings by the output reported by the scanner."
  },
  {
    "name": "Scanner Plugin",
    "legacyUid": "found_by_id",
    "uid": "found_by_id",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by scanner plugin ID."
  },
  {
    "name": "Scanner Plugin Status",
    "legacyUid": "scanner_plugin_status",
    "uid": "scanner_plugin_status",
    "operators": [
      "EXACT",
      "IN"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by scanner plugin status"
  },
  {
    "name": "Scanner UUID",
    "legacyUid": "found_by",
    "uid": "source",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by scanner uuid(s)."
  },
  {
    "name": "Service",
    "legacyUid": "service_names",
    "uid": "service_names",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by associated name of service."
  },
  {
    "name": "Severity",
    "legacyUid": "severity",
    "uid": "severity",
    "operators": [
      "EXACT",
      "IN",
      "RANGE"
    ],
    "type": "double",
    "description": "Filters vulnerabilities by risk association."
  },
  {
    "name": "Severity Group",
    "legacyUid": "severity_group",
    "uid": "severity_group",
    "operators": [
      "EXACT",
      "IN"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by severity group (high, medium and low)."
  },
  {
    "name": "Severity Update State",
    "legacyUid": "severity_update_state",
    "uid": "severity_update_state",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters Host Findings by severity update state."
  },
  {
    "name": "State",
    "legacyUid": "states",
    "uid": "state",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by current state (unassigned, assigned, review by scan, reviewed, false positive, accepted, awaiting acceptance or reworked)."
  },
  {
    "name": "Status",
    "legacyUid": "generic_state",
    "uid": "generic_state",
    "operators": [
      "EXACT"
    ],
    "type": "string",
    "description": "Filter vulnerabilities by open/close status."
  },
  {
    "name": "Tag",
    "legacyUid": "tags",
    "uid": "tags",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by tag(s)."
  },
  {
    "name": "Tag Connector ID",
    "legacyUid": "TAG_CONNECTOR_ID",
    "uid": "TAG_CONNECTOR_ID",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Tag Connector ID"
  },
  {
    "name": "Tag Connector Name",
    "legacyUid": "TAG_CONNECTOR_NAME",
    "uid": "TAG_CONNECTOR_NAME",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Name of the Connector associated with the tag"
  },
  {
    "name": "Threat",
    "legacyUid": "threats",
    "uid": "threats",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by the name of the threat."
  },
  {
    "name": "Threat Category",
    "legacyUid": "threat_categories",
    "uid": "threat_categories",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by the threat category."
  },
  {
    "name": "Ticket ID",
    "legacyUid": "TICKET_ID",
    "uid": "TICKET_ID",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Ticket ID"
  },
  {
    "name": "Ticket Status",
    "legacyUid": "TICKET_STATUS",
    "uid": "TICKET_STATUS",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "status of ticket"
  },
  {
    "name": "Title",
    "legacyUid": "titles",
    "uid": "titles",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by title."
  },
  {
    "name": "Trending Threats",
    "legacyUid": "threatLastTrendingOn",
    "uid": "threatLastTrendingOn",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD",
      "RANGE",
      "GREATER",
      "LESSER"
    ],
    "type": "string",
    "description": "Filters by Threat Trending date."
  },
  {
    "name": "Trending Vulnerabilities",
    "legacyUid": "vulnLastTrendingOn",
    "uid": "vulnLastTrendingOn",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD",
      "RANGE",
      "GREATER",
      "LESSER"
    ],
    "type": "string",
    "description": "Filters by Vulnerability Trending date."
  },
  {
    "name": "Unique ID",
    "legacyUid": "unique_id",
    "uid": "unique_id",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters vulnerabilities by unique ID(s)."
  }
]

HTTP Status Codes

Code Description
200 OK

200 Sample Response

Copy
[
  {
    "name": "id",
    "uid": "id",
    "operator": [
      "EXACT",
      "IN"
    ],
    "type": "integer",
    "description": "The id"
  }
]
Code Description
401 Unauthorized
404 Not Found

Suggesting Filter Values for Host Finding Filtering

Displays suggested filter values when filtering host unique findings.

API Call: GET/client/{clientId}/hostFinding/filter

URL: https://platform<#>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/filter

URL Parameters

Name Description Additional Information
PLATFORM Platform number. If you are on platform 1, you do not need to put a number.
CLIENTID Client ID number. Finding Your Client ID

User Roles

The user roles that can view suggested filter values for host findings are:

  • Manager
  • Group Manager
  • User

Python

Python Sample filter_hostFindingvalues Snippet

Copy

import json
import requests

platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>

header = {
    "x-api-key": api_key,
    "content-type": "application/json"
}

body = {
    "filters": [
        {
            "field": "id",
            "exclusive": True,
            "operator": "IN",
            "value": "1,2,3,4"
        }
    ],
    "filter": {
        "field": "id",
        "exclusive": False,
        "operator": "IN",
        "value": ""
    }
}

url = platform + "/api/v1/client/" + str(client_id) + "/hostFinding/suggest"

response = requests.post(url, headers=header, data=json.dumps(body))

Python Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token

cURL

cURL Sample filter_hostFindingvalues Snippet

Copy

curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/suggest"
  -H  "accept: application/json"
  -H  "x-api-key: <APIKEY>"
  -H  "Content-Type: application/json"
  -d "{  \"filters\": [    {      \"field\": \"<FIELD>\",      \"exclusive\": <EXCLUSIVE>,      \"operator\": \"<OPERATOR>\",      \"value\": \"<VALUE>\"    }  ],  \"filter\": {    \"field\": \"<FIELD>\",    \"exclusive\": <EXCLUSIVE>,    \"operator\": \"<OPERATOR>\",    \"value\": \"<VALUE>\"  }}"

Make sure to replace the option values here with your own option values.

cURL Parameters

Name Description Additional Information
PLATFORM Platform number
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token
FIELD Filter field. string
EXCLUSIVE Exclusive. boolean Options: True, False
OPERATOR Search operator. Depends on value.
VALUE Search value. string

Response Parameters

Sample Response

Copy

[
  {
    "key": "<KEY>",
    "count": <COUNT>
  }
]

Name Description Additional Information
KEY Value for the field the suggestion was requested for. string
COUNT Count. integer($int64)

HTTP Status Codes

Code Description
200 OK

200 Sample Response

Copy
[
  {
    "key": "string",
    "count": 0
  }
]
Code Description
400 Bad Request
401 Unauthorized
404 Not Found

Searching for a Host Finding

Search for a host finding within the designated client.

API Call: POST/client/{clientId}/hostFinding/search

URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/search

URL Parameters

Name Description Additional Information
PLATFORM Platform number. If you are on platform 1, you do not need to put a number.
CLIENTID Client ID number. Finding Your Client ID

User Roles

The user roles that can search for a host finding are:

  • Manager
  • Group Manager
  • User

Python

Python Sample search_hostFinding Snippet

Copy

import json
import requests

platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>

header = {
    "x-api-key": api_key,
    "content-type": "application/json"
}

body = {
    "filters": [
        {
            "field": "id",
            "exclusive": False,
            "operator": "IN",
            "value": "1,2,3,4"
        }
    ],
    "projection": "basic",
    "sort": [
        {
            "field": "id",
            "direction": "ASC"
        }
    ],
    "page": 0,
    "size": 20
}

url = platform + "/api/v1/client/" + str(client_id) + "/hostFinding/search"

response = requests.post(url, headers=header, data=json.dumps(body))

Python Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token

cURL

cURL Sample search_hostFinding Snippet

Copy

curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/search"
  -H "accept: application/json"
  -H "x-api-key: <APIKEY>"
  -H "Content-Type: application/json"
  -d "{ \"projection\": \"<PROJECTION>\", \"sort\": [ { \"field\": \"<SORTFIELD>\", \"direction\": \"<SORTDIRECTION>\" } ], \"page\": <PAGENUMBER>, \"size\": <PAGESIZE>}"

Make sure to replace the option values here with your own option values.

cURL Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token
PROJECTION Projection type. Options: basic, detailed Yes
SORTFIELD Notes about the assessment. Yes
SORTDIRECTION Sort direction. Options: ASC, DESC Yes
PAGENUMBER Page number to view. Yes
PAGESIZE Number of entries per page. Yes

Response Parameters

Sample Response

Copy

{
  "errors": [],
  "page": {
    "size": <PAGESIZE>,
    "totalElements": <TOTALELEMENTS>,
    "totalPages": <TOTALPAGES>,
    "number": <PAGENUMBER>
  },
  "_links": {
    "self": {
      "href": "http://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/search?page=<PAGENUMBER>&size=<PAGESIZE>&sort=<SORT>,<SORTDIRECTION>"
    }
  }
}

Name Description Additional Information
PAGESIZE Page size requested. Shows how many items to display on the page.
TOTALELEMENTS Total elements on pages.
TOTALPAGES Total amount of pages.
PAGENUMBER Page to view. Note that 0 is the first page.
PLATFORM Platform number.
CLIENTID Client ID number.
SORT Field to sort by.
SORTDIRECTION Direction to sort. Options: ASC, DESC

HTTP Status Codes

Code Description
200 OK

200 Sample Response

Copy
{
  "_embedded": {
    "strings": [
      {}
    ]
  },
  "page": {
    "size": 0,
    "totalElements": 0,
    "totalPages": 0,
    "number": 0
  },
  "errors": [
    {
      "id": "string",
      "errorRefId": "string",
      "code": 0,
      "cause": "string"
    }
  ]
}
Code Description
400 Bad Request
401 Unauthorized
404 Not Found

Adding or Removing a Tag from a Host Finding

Add or remove a tag from a host finding.

API Call: POST/client/{clientId}/hostFinding/tag

URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/tag

URL Parameters

Name Description Additional Information
PLATFORM Platform number. If you are on platform 1, you do not need to put a number.
CLIENTID Client ID number. Finding Your Client ID

User Roles

The user roles that can add or remove a tag from a host finding are:

  • Group Manager
  • Manager
  • User

Python

Python Sample tag_hostFinding Snippet

Copy

import json
import requests

platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>
tag_id = <INSERT TAG ID HERE>

header = {
    "x-api-key": api_key,
    "content-type": "application/json"
}

body = {
    "tagId": 1,
    "isRemove": False,  # Change to True for removing tags
    "filterRequest": {
        "filters": [
            {
                "field": "id",
                "exclusive": False,
                "operator": "EXACT",
                "value": 12345
            }
        ]
    }
}

url = platform + "/api/v1/client/" + str(client_id) + "/hostFinding/tag"

response = requests.post(url, headers=header, data=json.dumps(body))

Make sure to replace the angle bracket parameters here with your own values.

Python Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token

cURL

cURL Sample tag_hostFinding Snippet

Copy

curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/tag"
  -H  "accept: application/json"
  -H  "x-api-key: <APIKEY>"
  -H  "Content-Type: application/json"
  -d "{  \"tagId\":<TAGID>,  \"isRemove\": <ISREMOVE>,  \"filterRequest\": {    \"filters\": [      {        \"field\": \"<FIELD>\",        \"exclusive\": <EXCLUSIVE>,        \"operator\": \"<OPERATOR>\",        \"value\": <VALUE>      }    ]  }}"

Make sure to replace the angle bracket parameters here with your own values.

cURL Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your designated API key. Generating an API Token
TAGID Tag ID number. integer
ISREMOVE Remove tag? Options: True = Yes, False = No
FIELD Filter field. string
EXCLUSIVE Exclusive. boolean Options: True, False
OPERATOR Search operator. Depends on value.
VALUE Search value. string

Response Parameters

Sample Response

Copy

{
  "id": <ID>,
  "created": "<CREATED>"
}

Name Description Additional Information
ID Job ID number. integer
Created Date/Time job created. string($date-time)

HTTP Status Codes

Code Description
200 Job Created

200 Sample Response

Copy
{
  "id": 0,
  "created": "2019-09-23T17:54:19.121Z"
}
Code Description
400 Bad Request
401 Unauthorized
404 Not Found

Assigning Host Findings

Assign host finding to user.

API Call: POST/client/{clientId}/hostFinding/assign

URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/assign

URL Parameters

Name Description Additional Information
PLATFORM Platform number. If you are on platform 1, you do not need to put a number.
CLIENTID Client ID number. Finding Your Client ID

User Roles

The user roles that can assign a host finding to user are:

  • Group Manager
  • Manager
  • User

Python

Python Sample assign_hostFinding Snippet

Copy

import json
import requests

platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>
user_id_list = [<INSERT COMMA-SEPARATED USER IDS HERE>]

header = {
    "x-api-key": api_key,
    "content-type": "application/json"
}

body = {
    "filters": [
        {
            "field": "id",
            "exclusive": False,
            "operator": "EXACT",
            "value": 12345
        }
    ],
    "userIds": user_id_list
}

url = platform + "/api/v1/client/" + str(client_id) + "/hostFinding/assign"

response = requests.post(url, headers=header, data=json.dumps(body))

Make sure to replace the angle bracket parameters here with your own values.

Python Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your designated API key. Generating an API Token

cURL

cURL Sample assign_hostFinding Snippet

Copy

curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/assign"
  -H  "x-api-key: <APIKEY>"
  -H  "Content-Type: application/json"
  -d "{  \"filters\": [    {      \"field\": \"<FIELD>\",      \"exclusive\": <EXCLUSIVE>,      \"operator\": \"<OPERATOR>\",      \"value\": \"<VALUE>\"    }  ],  \"userIds\": [    <USERID>, <USERID>  ]}"

Make sure to replace the angle bracket parameters here with your own values.

cURL Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token
FIELD Filter field. string
EXCLUSIVE Exclusive. boolean Options: True, False
OPERATOR Search operator. Depends on value.
VALUE Search value. string
USERID User ID number. Separate user IDs with a comma.

Response Parameters

Sample Response

Copy

{
  "id": <ID>,
  "created": "<CREATED>"
}

Name Description Additional Information
ID Job ID number. integer
Created Date/Time job created. string($date-time)

HTTP Status Codes

Code Description
200 Job Created

200 Sample Response

Copy
{
  "id": 0,
  "created": "2019-09-23T10:33:56.434Z"
}
Code Description
400 User Error
401 Unauthorized
404 Not Found

Unassigning Host Findings

Unssign host finding from a user.

API Call: POST/client/{clientId}/hostFinding/unassign

URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/unassign

URL Parameters

Name Description Additional Information
PLATFORM Platform number. If you are on platform 1, you do not need to put a number.
CLIENTID Client ID number. Finding Your Client ID

User Roles

The user roles that can unassign a host finding to user are:

  • Group Manager
  • Manager
  • User

Python

Python Sample unassign_hostFinding Snippet

Copy

import json
import requests

platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>
user_id_list = [<INSERT COMMA-SEPARATED USER IDS HERE>]

header = {
    "x-api-key": api_key,
    "content-type": "application/json"
}

body = {
    "filters": [
        {
            "field": "id",
            "exclusive": False,
            "operator": "EXACT",
            "value": 12345
        }
    ],
    "userIds": user_id_list
}

url = platform + "/api/v1/client/" + str(client_id) + "/hostFinding/unassign"

response = requests.post(url, headers=header, data=json.dumps(body))

Make sure to replace the angle bracket parameters here with your own values.

Python Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your designated API key. Generating an API Token

cURL

cURL Sample unassign_hostFinding Snippet

Copy

curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/unassign"
  -H  "x-api-key: <APIKEY>"
  -H  "Content-Type: application/json"
  -d "{  \"filters\": [    {      \"field\": \"<FIELD>\",      \"exclusive\": <EXCLUSIVE>,      \"operator\": \"<OPERATOR>\",      \"value\": \"<VALUE>\"    }  ],  \"userIds\": [    <USERID>, <USERID>  ]}"

Make sure to replace the angle bracket parameters here with your own values.

cURL Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token
FIELD Filter field. string
EXCLUSIVE Exclusive. boolean Options: True, False
OPERATOR Search operator. Depends on value.
VALUE Search value. string
USERID User ID number. Separate user IDs with a comma.

Response Parameters

Sample Response

Copy

{
  "id": <ID>,
  "created": "<CREATED>"
}

Name Description Additional Information
ID Job ID number. integer
Created Date/Time job created. string($date-time)

HTTP Status Codes

Code Description
200 Job Created

200 Sample Response

Copy
{
  "id": 0,
  "created": "2019-09-23T10:33:56.434Z"
}
Code Description
400 User Error
401 Unauthorized
404 Not Found

Initiating Host Finding Export Job

Initiate host finding export job.

API Call: POST/client/{clientId}/hostFinding/export

URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/export

URL Parameters

Name Description Additional Information
PLATFORM Platform number. If you are on platform 1, you do not need to put a number.
CLIENTID Client ID number. Finding Your Client ID

User Roles

The user roles that can initiate a host finding export job are:

  • Group Manager
  • Manager
  • User

Python

Python Sample hostFinding_export Snippet

Copy

import json
import requests

platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>
filename = '<INSERT DESIRED FILE NAME HERE>'

header = {
    "x-api-key": api_key,
    "content-type": "application/json"
}

body = {
    "filterRequest": {
        "filters": [
            {
                "field": "id",
                "exclusive": False,
                "operator": "IN",
                "value": "1,2,3,4"
            }
        ]
    },
    "fileType": "XML",  # Valid options here are XML, CSV, or XLSX
    "comment": "Example Comment",
    "fileName": filename
}

url = platform + "/api/v1/client/" + str(client_id) + "/hostFinding/export"

response = requests.post(url, headers=header, data=json.dumps(body))

Make sure to replace the angle bracket parameters here with your own values.

Python Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token

cURL

cURL Sample hostFinding_export Snippet

Copy

curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/export"
  -H  "accept: application/json"
  -H  "x-api-key: <APIKEY>"
  -H  "Content-Type: application/json" -d "{  \"filterRequest\": {    \"filters\": [      {        \"field\": \"<FIELD>\",        \"exclusive\": <EXCLUSIVE>,        \"operator\": \"<OPERATOR>\",        \"value\": \"<VALUE>\"      }    ]  },  \"fileType\": \"<FILETYPE>\",  \"comment\": \"<COMMENT>\",  \"fileName\": \"<FILENAME>\"}"

Make sure to replace the angle bracket parameters here with your own values.

cURL Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token
FIELD Filter field. string
EXCLUSIVE Exclusive. boolean Options: True, False
OPERATOR Search operator. Depends on value.
VALUE Search value. string
FILETYPE Export file type. Options: XML, XLSX, CSV
COMMENT Exported file description. string
FILENAME Exported file's name. string

Response Parameters

Sample Response

Copy

{
  "id": <ID>,
  "created": "<CREATED>"
}

Name Description Additional Information
ID Job ID number. integer
Created Date/Time job created. string($date-time)

HTTP Status Codes

Code Description
200 Success

200 Sample Response

Copy
{
  "id": 0,
  "created": "2019-09-17T16:59:16.922Z"
}
Code Description
400 Bad Request
401 Unauthorized
404 Not Found

Updating Host Finding Due Dates in Bulk

Update host finding due dates in bulk.

API Call: POST/client/{clientId}/hostFinding/update-due-date

URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/update-due-date

URL Parameters

Name Description Additional Information
PLATFORM Platform number. If you are on platform 1, you do not need to put a number.
CLIENTID Client ID number. Finding Your Client ID

User Roles

The user roles that can update host finding due dates in bulk are:

  • Group Manager
  • Manager
  • User

Python

Python Sample hostFinding_updateDueDate Snippet

Copy

import json
import requests

platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>

header = {
    "x-api-key": api_key,
    "content-type": "application/json"
}

body = {
    "filterRequest": {
        "filters": [
            {
                "field": "id",
                "exclusive": False,
                "operator": "IN",
                "value": "1,2,3,4"
            }
        ]
    },
    "dueDate": "2019-12-30"  # Due date must be in YYYY-MM-DD format.
}

url = platform + "/api/v1/client/" + str(client_id) + "/hostFinding/update-due-date"

response = requests.post(url, headers=header, data=json.dumps(body))

Make sure to replace the angle bracket parameters here with your own values.

Python Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token

cURL

cURL Sample hostFinding_updateDueDate Snippet

Copy

curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/update-due-date"
  -H  "accept: application/json"
  -H  "x-api-key: <APIKEY>"
  -H  "Content-Type: application/json"
  -d "{  \"filterRequest\": {    \"filters\": [      {        \"field\": \"<FIELD>\",        \"exclusive\": <EXCLUSIVE>,        \"operator\": \"<OPERATOR>\",        \"value\": \"<VALUE>,<VALUE>\"      }    ]  },  \"dueDate\": \"<DUEDATE>\"}"

Make sure to replace the angle bracket parameters here with your own values.

cURL Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your designated API key. Generating an API Token
FIELD Filter field. string
EXCLUSIVE Exclusive. boolean Options: True, False
OPERATOR Search operator. Depends on value.
VALUE Search value. string
DUEDATE Due date. Format: YYYY-MM-DD

Response Parameters

Sample Response

Copy

{
  "id": <ID>,
  "created": "<CREATED>"
}

Name Description Additional Information
ID Job ID number. integer
Created Date/Time job created. string($date-time)

HTTP Status Codes

Code Description
200 Success

200 Sample Response

Copy
{
  "id": 0,
  "created": "2019-09-23T19:28:53.639Z"
}
Code Description
400 Bad Request
401 Unauthorized
404 Not Found

Deleting Entities Based on Filters

Delete entities based on filters.

API Call: POST/client/{clientId}/hostFinding/delete

URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/delete

URL Parameters

Name Description Additional Information
PLATFORM Platform number. If you are on platform 1, you do not need to put a number.
CLIENTID Client ID number. Finding Your Client ID

User Roles

The user roles that can delete entities based on filters are:

  • Group Manager
  • Manager

Python

Python Sample delete_hostFindingByFilter Snippet

Copy

import json
import requests

platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>

header = {
    "x-api-key": api_key,
    "content-type": "application/json"
}

body = {
    "filterRequest": {
        "filters": [
            {
                "field": "id",
                "exclusive": False,
                "operator": "IN",
                "value": "1,2,3,4"
            }
        ]
    }
}

url = platform + "/api/v1/client/" + str(client_id) + "/hostFinding/delete"

response = requests.post(url, headers=header, data=json.dumps(body))

Make sure to replace the angle bracket parameters here with your own values.

Python Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token

cURL

cURL Sample delete_hostFindingByFilter Snippet

Copy

curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/delete"
  -H  "accept: application/json"
  -H  "x-api-key: <APIKEY>"
  -H  "Content-Type: application/json"
  -d "{  \"filterRequest\": {    \"filters\": [      {        \"field\": \"<FIELD>\",        \"exclusive\": <EXCLUSIVE>,        \"operator\": \"<OPERATOR>\",        \"value\": \"<VALUE>\"      }    ]  }}"

Make sure to replace the angle bracket parameters here with your own values.

cURL Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your designated API key. Generating an API Token
FIELD Filter field. string
EXCLUSIVE Exclusive. boolean Options: True, False
OPERATOR Search operator. Depends on value.
VALUE Search value. string

Response Parameters

Sample Response

Copy

{
  "id": <ID>,
  "created": "<CREATED>"
}

Name Description Additional Information
ID Job ID number. integer
Created Date/Time job created. string($date-time)

HTTP Status Codes

Code Description
200 Job Created

200 Sample Response

Copy
{
  "id": 0,
  "created": "2019-09-23T17:45:18.407Z"
}
Code Description
400 User Error
401 Unauthorized
404 Not Found

Initiating Workflow Request

Initiate workflow request.

API Call: POST/client/{clientId}/search/hostFinding/{workflowType}/request

URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/<WORKFLOWTYPE>/request

URL Parameters

Name Description Additional Information
PLATFORM Platform number. If you are on platform 1, you do not need to put a number.
CLIENTID Client ID number. Finding Your Client ID
WORKFLOWTYPE Workflow type. For this, use request.

User Roles

The user roles that can initiate workflow request are:

  • Group Manager
  • Manager
  • User

Python

Python Sample hostFinding_workflowRequest Snippet

Copy

import requests

platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>

workflow_type = 'acceptance'  # REQUIRED. Other valid options are "falsePositive", "severityChange", and "remediation"
filename = "<INSERT FILE NAME/PATH HERE FOR UPLOAD>"
filter_request = {
    "filters": [
        {
            "field": "id",
            "exclusive": False,
            "operator": "IN",
            "value": "1,2,3,4"
        }
    ]
}
expiration_date = ""
description = "This is an example description."  # REQUIRED
reason = ""
compensating_controls = ""
severity = None

header = {
    "x-api-key": api_key,
    "content-type": "multipart/form-data"
}

data = {
    "files": open(filename, 'r'),
    "filterRequest": filter_request,
    "expirationDate": expiration_date,
    "description": description,
    "reason": reason,
    "compensatingControls": compensating_controls,
    "severity": severity
}

url = url = platform + "/api/v1/client/" + str(client_id) + "/hostFinding/" + workflow_type + "/request"

response = requests.post(url, headers=header, files=data)

Make sure to replace the angle bracket parameters here with your own values.

Python Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your designated API key. Generating an API Token

cURL

cURL Sample hostFinding_workflowRequest Snippet

Copy

curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/<WORKFLOWTYPE>/request"
  -H  "accept: application/json"
  -H  "x-api-key: <APIKEY>"
  -H  "Content-Type: application/json"
  -d "{  \"filterRequest\": {    \"filters\": [      {        \"field\": \"<FIELD>\",        \"exclusive\": <EXCLUSIVE>,        \"operator\": \"<OPERATOR>\",        \"value\": \"<VALUE>\"      }    ],    \"projection\": \"<PROJECTION>\",    \"sort\": [      {        \"field\": \"<SORTFIELD>\",        \"direction\": \"<SORTDICRECTION>\"      }    ],    \"page\": <PAGENUMBER>,    \"size\": <PAGESIZE>  },  \"expirationDate\": \"<EXPDATE>\",  \"overrideExpDate\": <OVERRIDEEXPDATE>}"

Make sure to replace the angle bracket parameters here with your own values.

cURL Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
WORKFLOWTYPE Workflow type. For this, use Request.
APIKEY Your designated API key. Generating an API Token
FIELD Filter field. string
EXCLUSIVE Exclusive. boolean Options: True, False
OPERATOR Search operator. Depends on value.
VALUE Search value. string
PROJECTION Projection type. Options: basic, detailed
SORTFIELD Field to sort.
SORTDIRECTION Sort direction. Options: ASC, DESC
PAGENUMBER Page number to view.
PAGESIZE Number of entries per page.
EXPDATE Expiration date.
OVERRIDEEXPDATE Override expiration date.

Response Parameters

Sample Response

Copy

{
  "id": <ID>,
  "created": "<CREATED>"
}

Name Description Additional Information
ID Job ID number. integer
Created Date/Time job created. string($date-time)

HTTP Status Codes

Code Description
200 Success

200 Sample Response

Copy
{
  "id": 0,
  "created": "2019-09-23T09:21:43.971Z"
}
Code Description
400 Bad Request
401 Unauthorized
404 Not Found

Initiating Workflow Reject

Initiate workflow reject.

API Call: POST/client/{clientId}/search/hostFinding/{workflowType}/reject

URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/<WORKFLOWTYPE>/reject

URL Parameters

Name Description Additional Information
PLATFORM Platform number. If you are on platform 1, you do not need to put a number.
CLIENTID Client ID number. Finding Your Client ID
WORKFLOWTYPE Workflow type. For this, use reject.

User Roles

The user roles that can initiate workflow reject are:

  • Group Manager
  • Manager

Python

Python Sample hostFinding_workflowReject Snippet

Copy

import json
import requests

platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>
file_path = '<INSERT FILE PATH HERE>'

workflow_type = 'acceptance'  # REQUIRED. Other valid options are "falsePositive", "severityChange", and "remediation"

header = {
    "x-api-key": api_key
}

body = {
    "file": (file_path, open(file_path, 'rb')),
    "filterRequest": {
        "filters": [
            {
                "field": "id",
                "exclusive": False,
                "operator": "IN",
                "value": "1,2,3,4"
            }
        ]
    },
    "expirationDate": "2019-12-31",  # Must be in YYYY-MM-DD format
    "description": "This is an example description",
    "reason": "This is an example reason",
    "compensatingControls": "This is an example of compensating controls."
}

response = requests.post(url, headers=header, files=json.dumps(body))

Make sure to replace the angle bracket parameters here with your own values.

Python Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your designated API key. Generating an API Token

cURL

cURL Sample hostFinding_workflowReject Snippet

Copy

curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/<WORKFLOWTYPE>/reject"
  -H  "accept: application/json"
  -H  "x-api-key: <APIKEY>"
  -H  "Content-Type: application/json"
  -d "{  \"filterRequest\": {    \"filters\": [      {        \"field\": \"<FIELD>\",        \"exclusive\": <EXCLUSIVE>,        \"operator\": \"<OPERATOR>\",        \"value\": \"<VALUE>\"      }    ],    \"projection\": \"<PROJECTION>\",    \"sort\": [      {        \"field\": \"<SORTFIELD>\",        \"direction\": \"<SORTDICRECTION>\"      }    ],    \"page\": <PAGENUMBER>,    \"size\": <PAGESIZE>  },  \"expirationDate\": \"<EXPDATE>\",  \"overrideExpDate\": <OVERRIDEEXPDATE>}"

Make sure to replace the angle bracket parameters here with your own values.

cURL Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
WORKFLOWTYPE Workflow type. For this, use Reject.
APIKEY Your designated API key. Generating an API Token
FIELD Filter field. string
EXCLUSIVE Exclusive. boolean Options: True, False
OPERATOR Search operator. Depends on value.
VALUE Search value. string
PROJECTION Projection type. Options: basic, detailed
SORTFIELD Field to sort.
SORTDIRECTION Sort direction. Options: ASC, DESC
PAGENUMBER Page number to view.
PAGESIZE Number of entries per page.
EXPDATE Expiration date.
OVERRIDEEXPDATE Override expiration date.

Response Parameters

Sample Response

Copy

{
  "id": <ID>,
  "created": "<CREATED>"
}

Name Description Additional Information
ID Job ID number. integer
Created Date/Time job created. string($date-time)

HTTP Status Codes

Code Description
200 Success

200 Sample Response

Copy
{
  "id": 0,
  "created": "2019-09-23T09:21:43.971Z"
}
Code Description
400 Bad Request
401 Unauthorized
404 Not Found

Initiate Workflow Rework

Initiate workflow rework.

API Call: POST/client/{clientId}/search/hostFinding/{workflowType}/rework

URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/<WORKFLOWTYPE>/rework

URL Parameters

Name Description Additional Information
PLATFORM Platform number. If you are on platform 1, you do not need to put a number.
CLIENTID Client ID number. Finding Your Client ID
WORKFLOWTYPE Workflow type. For this, use rework.

User Roles

The user roles that can initiate workflow rework are:

  • Group Manager
  • Manager

Python

Python Sample hostFinding_workflowRework Snippet

Copy

TBA

Make sure to replace the angle bracket parameters here with your own values.

Python Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your designated API key. Generating an API Token

cURL

cURL Sample hostFinding_workflowRework Snippet

Copy

curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/<WORKFLOWTYPE>/rework"
  -H  "accept: application/json"
  -H  "x-api-key: <APIKEY>"
  -H  "Content-Type: application/json"
  -d "{  \"filterRequest\": {    \"filters\": [      {        \"field\": \"<FIELD>\",        \"exclusive\": <EXCLUSIVE>,        \"operator\": \"<OPERATOR>\",        \"value\": \"<VALUE>\"      }    ],    \"projection\": \"<PROJECTION>\",    \"sort\": [      {        \"field\": \"<SORTFIELD>\",        \"direction\": \"<SORTDICRECTION>\"      }    ],    \"page\": <PAGENUMBER>,    \"size\": <PAGESIZE>  },  \"expirationDate\": \"<EXPDATE>\",  \"overrideExpDate\": <OVERRIDEEXPDATE>}"

Make sure to replace the angle bracket parameters here with your own values.

cURL Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
WORKFLOWTYPE Workflow type. For this, use Rework.
APIKEY Your designated API key. Generating an API Token
FIELD Filter field. string
EXCLUSIVE Exclusive. boolean Options: True, False
OPERATOR Search operator. Depends on value.
VALUE Search value. string
PROJECTION Projection type. Options: basic, detailed
SORTFIELD Field to sort.
SORTDIRECTION Sort direction. Options: ASC, DESC
PAGENUMBER Page number to view.
PAGESIZE Number of entries per page.
EXPDATE Expiration date.
OVERRIDEEXPDATE Override expiration date.

Response Parameters

Sample Response

Copy

{
  "id": <ID>,
  "created": "<CREATED>"
}

Name Description Additional Information
ID Job ID number. integer
Created Date/Time job created. string($date-time)

HTTP Status Codes

Code Description
200 Success

200 Sample Response

Copy
{
  "id": 0,
  "created": "2019-09-23T09:21:43.971Z"
}
Code Description
400 Bad Request
401 Unauthorized
404 Not Found

Initiating Workflow Approve

Initiate workflow approve.

API Call: POST/client/{clientId}/search/hostFinding/{workflowType}/approve

URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/<WORKFLOWTYPE>/approve

URL Parameters

Name Description Additional Information
PLATFORM Platform number. If you are on platform 1, you do not need to put a number.
CLIENTID Client ID number. Finding Your Client ID
WORKFLOWTYPE Workflow type. For this, use Approve.

User Roles

The user roles that can initiate workflow approve are:

  • Group Manager
  • Manager

Python

Python Sample hostFinding_workflowApprove Snippet

Copy

TBA

Make sure to replace the angle bracket parameters here with your own values.

Python Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token

cURL

cURL Sample hostFinding_workflowApprove Snippet

Copy

curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/<WORKFLOWTYPE>/approve"
  -H  "accept: application/json"
  -H  "x-api-key: <APIKEY>"
  -H  "Content-Type: application/json"
  -d "{  \"filterRequest\": {    \"filters\": [      {        \"field\": \"<FIELD>\",        \"exclusive\": <EXCLUSIVE>,        \"operator\": \"<OPERATOR>\",        \"value\": \"<VALUE>\"      }    ],    \"projection\": \"<PROJECTION>\",    \"sort\": [      {        \"field\": \"<SORTFIELD>\",        \"direction\": \"<SORTDICRECTION>\"      }    ],    \"page\": <PAGENUMBER>,    \"size\": <PAGESIZE>  },  \"expirationDate\": \"<EXPDATE>\",  \"overrideExpDate\": <OVERRIDEEXPDATE>}"

Make sure to replace the angle bracket parameters here with your own values.

cURL Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
WORKFLOWTYPE Workflow type. For this, use Approve.
APIKEY Your designated API key. Generating an API Token
FIELD Filter field. string
EXCLUSIVE Exclusive. boolean Options: True, False
OPERATOR Search operator. Depends on value.
VALUE Search value. string
PROJECTION Projection type. Options: basic, detailed
SORTFIELD Field to sort.
SORTDIRECTION Sort direction. Options: ASC, DESC
PAGENUMBER Page number to view.
PAGESIZE Number of entries per page.
EXPDATE Expiration date.
OVERRIDEEXPDATE Override expiration date.

Response Parameters

Sample Response

Copy

{
  "id": <ID>,
  "created": "<CREATED>"
}

Name Description Additional Information
ID Job ID number. integer
Created Date/Time job created. string($date-time)

HTTP Status Codes

Code Description
200 Success

200 Sample Response

Copy
{
  "id": 0,
  "created": "2019-09-23T09:21:43.971Z"
}
Code Description
400 Bad Request
401 Unauthorized
404 Not Found

Adding Note to a Host Finding

Add a note to a host finding.

API Call: POST/client/{clientId}/hostFinding/note

URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/note

URL Parameters

Name Description Additional Information
PLATFORM Platform number. If you are on platform 1, you do not need to put a number.
CLIENTID Client ID number. Finding Your Client ID

User Roles

The user roles that can add a note to a host finding are:

  • Group Manager
  • Manager
  • User

Python

Python Sample addNote_hostFinding Snippet

Copy

import requests
import json

platform = 'http://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = 1  # UPDATE AS NEEDED

header = {
    "x-api-key": api_key,
    "content-type": "application/json"
}

body = {
    "filterRequest": {
        "filters": [
            {
                "field": "criticality",
                "exclusive": False,
                "operator": "EXACT",
                "value": "5"
            }
        ]
    },
    "note": "This is my note."  # UPDATE AS DESIRED
}

url = platform + "/api/v1/client/" + str(client_id) + "/hostFinding/note"

response = requests.post(url, headers=header, data=json.dumps(body))

Make sure to replace the angle bracket parameters here with your own values.

Python Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your designated API key. Generating an API Token

cURL

cURL Sample addNote_hostFinding Snippet

Copy

curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/note"
  -H  "accept: application/json"
  -H  "x-api-key: <APIKEY>"
  -H  "Content-Type: application/json"
  -d "{  \"filterRequest\": {    \"filters\": [      {        \"field\": \"<FIELD<\",        \"exclusive\": <EXCLUSIVE>,        \"operator\": \"<OPERATOR>\",        \"value\": \"<VALUE>\"      }    ]  },  \"note\": \"<NOTE>\"}"

Make sure to replace the angle bracket parameters here with your own values.

cURL Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your designated API key. Generating an API Token
FIELD Filter field. string
EXCLUSIVE Exclusive. boolean Options: True, False
OPERATOR Search operator. Depends on value.
VALUE Search value. string
NOTE Note to add.

Response Parameters

Sample Response

Copy

{
  "id": <ID>,
  "created": "<CREATED>"
}

Name Description Additional Information
ID Job ID number. integer
Created Date/Time job created. string($date-time)

HTTP Status Codes

Code Description
200 Success

200 Sample Response

Copy
{
  "id": 0,
  "created": "2019-09-23T09:14:11.180Z"
}
Code Description
400 Bad Request
401 Unauthorized
404 Not Found