https://api.bitsighttech.com/ratings/v1/companies/company_guid/findings?risk_vector=ssl_certificates
Get an organization’s TLS/SSL Certificates finding details.
Parameters
For details specific to TLS/SSL Certificates, use the ?risk_vector=ssl_certificates
parameter. Other query parameters are listed in GET: Finding Details.
Example Request
curl https://api.bitsighttech.com/ratings/v1/companies/a940bb61-33c4-42c9-9231-c8194c305db3/findings?risk_vector=ssl_certificates -u api_token:
Example Response
{ "links":{ "next":"https://api.bitsighttech.com/ratings/v1/companies/a940bb61-33c4-42c9-9231-c8194c305db3/findings?limit=100&offset=100&risk_vector=ssl_certificates", "previous":null }, "count":1235, "results":[ { "temporary_id":"A1Aa11AAaa11a111aa111aa11a111a11aa11a111aa", "affects_rating":true, "assets":[ ], "details":{ "cvss":{ "base":[ ] }, "check_pass":"", "diligence_annotations":{ "sampleName":"11.1.111.111:443", "certchain":[ { "dnsName":[ ], "endDate":"2031-11-10 00:00:00", "issuerName":"C=US,O=CertIssuer Inc,OU=www.certissuer.com,CN=CertIssuer Global Root CA", "keyAlgorithm":"RSA", "keyLength":2048, "serialNumber":"11111111111111111111111111111111111111", "signatureAlgorithm":"SHA1WITHRSA", "startDate":"2006-11-10 00:00:00", "subjectName":"C=US,O=CertIssuer Inc,OU=www.certissuer.com,CN=CertIssuer Global Root CA" } ], "previouslyObserved":{ "2023-03-19":[ "222.22.22.222:443" ] } }, "final_location":"https://333.33.333.33/", "geo_ip_location":"A1", "country":"Demo Country 1", "grade":"GOOD", "observed_ips":[ "44.44.444.44:443" ], "remediations":[ ], "sample_timestamp":"2023-03-28T23:35:12Z", "vulnerabilities":[ ], "dest_port":0, "rollup_end_date":"2023-03-28", "rollup_start_date":"2022-10-08", "searchable_details":"12312312312312312312312312312312312312,32132132132132132132132132132132132121,5555555555555555555555555555555555555,C=GB,ST=Greater Manchester,L=Salford,O=Sectigo Limited,CN=Sectigo RSA Extended Validation Secure Server CA,C=US,ST=New Jersey,L=Jersey City,O=The USERTRUST Network,CN=USERTrust RSA Certification Authority,C=US,ST=New Jersey,L=Jersey City,O=The USERTRUST Network,CN=USERTrust RSA Certification Authority" }, "evidence_key":"example.site.com", "first_seen":"2022-10-08", "last_seen":"2023-03-28", "related_findings":[ ], "risk_category":"Diligence", "risk_vector":"ssl_certificates", "risk_vector_label":"SSL Certificates", "rolledup_observation_id":"bB2bBBBBBbBBbb2BbbBbBb==", "severity":1.0, "severity_category":"minor", "tags":[ "Guest WiFi" ], "remediation_history":{ "last_requested_refresh_date":null, "last_refresh_status_date":null, "last_refresh_status_label":null, "last_refresh_reason_code":null }, "asset_overrides":[ ], "duration":null, "comments":null, "remaining_decay":58, "remediated":null } ] }
Response Attributes
Field | Description | ||||||
---|---|---|---|---|---|---|---|
linksObject |
Navigation for multiple pages of results. See pagination. | ||||||
nextString |
The URL for navigating to the next page of results. | ||||||
previousString |
The URL for navigating to the previous page of results. | ||||||
countInteger |
The number of findings. | ||||||
resultsArray |
Finding objects. | ||||||
Object | A finding. | ||||||
temporary_idString |
A temporary identifier for this finding. | ||||||
affects_ratingBoolean |
true = This finding has an impact on the risk vector letter grade. |
||||||
assetsArray |
Assets relating to this finding. | ||||||
detailsObject |
Finding details. | ||||||
cvssObject |
If the finding has an associated vulnerability, the CVSS score is listed below. | ||||||
baseArray |
CVSS scores of vulnerabilities associated with this finding. | ||||||
check_passString |
For internal Bitsight use. | ||||||
diligence_annotationsObject |
Diligence finding details. | ||||||
sampleNameString |
The IP/CIDR range. | ||||||
certchainArray |
Certificate chain details. | ||||||
Object | A certificate in the chain. | ||||||
dnsNameArray |
Domains within this chain. | ||||||
endDateString [ YYYY-MM-DD HH:MM:SS ] |
The date when this certificate expires. | ||||||
issuerNameString |
The distinguished name of the certificate issuer, made up of attribute assertion values. | ||||||
keyAlgorithmString |
The algorithm used to encrypt and decrypt messages. | ||||||
keyLengthInteger |
The bit strength of this key. See the recommended TLS/SSL key length. | ||||||
serialNumberInteger |
The serial number of this certificate. | ||||||
signatureAlgorithmString |
The signing algorithm used in this certificate. | ||||||
startDateString [ YYYY-MM-DD HH:MM:SS ] |
The date when this certificate started. | ||||||
subjectNameString |
The distinguished name of the owner of the certificate, made up of attribute assertion values. | ||||||
previouslyObservedObject |
Previously observed IPs/CIDRs on particular dates. | ||||||
Date [YYYY-MM-DD ] Array
|
IP/CIDRs on the displayed date. | ||||||
final_locationString |
The URL. | ||||||
geo_ip_locationString |
A 2-letter ISO country code indicating the finding’s country of origin. | ||||||
countryString |
The finding’s country of origin. | ||||||
gradeString |
The finding grade. | ||||||
observed_ipsArray |
Observed IP addresses. | ||||||
remediationsArray |
Information about the finding and instructions to remediate it. | ||||||
sample_timestampString [ YYYY-MM-DDTHH:MM:SSZ ] |
The date and time when this finding was observed. | ||||||
vulnerabilitiesArray |
Vulnerability details. | ||||||
dest_portInteger |
A compromised device was observed to be sending traffic from this port. | ||||||
rollup_end_dateString [ YYYY-MM-DD ] |
The date when this finding was last observed. | ||||||
rollup_start_dateString [ YYYY-MM-DD ] |
The date when this finding was first observed. | ||||||
searchable_detailsString |
Certificate details. | ||||||
evidence_keyString |
The asset attributed to the finding. | ||||||
first_seenString [ YYYY-MM-DD ] |
The date when this observation was first seen. | ||||||
last_seenString [ YYYY-MM-DD ] |
The date when this observation was last seen. | ||||||
related_findingsArray |
Related findings and their details. | ||||||
risk_categoryString |
The risk category of this finding. | ||||||
risk_vectorString |
The slug name of this risk vector. | ||||||
risk_vector_labelString |
The display name of this risk vector. | ||||||
rolledup_observation_idString |
A stable and randomized identifier for findings. It is assigned to a finding when one or more observations with largely similar key properties occur in close succession. | ||||||
severityDecimal |
The finding severity, which is the measured risk that this finding introduces. | ||||||
severity_categoryString |
The finding severity slug name. | ||||||
tagsArray |
Infrastructure tags that identify this asset. | ||||||
remediation_historyObject |
The finding’s remediation and refresh history. | ||||||
last_requested_refresh_dateString [ YYYY-MM-DD ] |
The date when a finding refresh that included this finding was last requested. | ||||||
last_refresh_status_dateString [ YYYY-MM-DD ] |
The date when this finding’s remediation status was last refreshed. | ||||||
last_refresh_status_labelString [ YYYY-MM-DD ] |
The current refresh status of this finding. | ||||||
last_refresh_reason_codeString [ YYYY-MM-DD ] |
The current remediation status of this finding. | ||||||
asset_overridesArray |
User-assigned asset importance details. | ||||||
durationInteger |
Not applicable to TLS/SSL Certificate findings. | ||||||
commentsString |
Finding comments. | ||||||
remaining_decayInteger |
The remaining finding lifetime. | ||||||
remediatedNull |
- March 31, 2023: Published.
Feedback
0 comments
Please sign in to leave a comment.