https://api.bitsighttech.com/ratings/v1/companies/company_guid/findings?risk_vector=ssl_configurations
Get TLS/SSL Configurations finding details.
Parameters
For details specific to TLS/SSL Configurations, use the ?risk_vector=ssl_configurations
parameter. Other query parameters are listed in GET: Finding Details.
Example Request
curl https://api.bitsighttech.com/ratings/v1/companies/a940bb61-33c4-42c9-9231-c8194c305db3/findings?risk_vector=ssl_configurations -u api_token:
Example Response
{ "links":{ "next":"https://api.bitsighttech.com/ratings/v1/companies/a940bb61-33c4-42c9-9231-c8194c305db3/findings?limit=100&offset=100&risk_vector=ssl_configurations", "previous":null }, "count":1533, "results":[ { "temporary_id":"A1Aa11AAaaaa11111a1a11aa11a1aaa1a111aaa111", "affects_rating":true, "assets":[ { "asset":"22.2.222.222", "identifier":null, "category":"low", "importance":0.0, "is_ip":true, "asset_type":"Domain", "is_monitored":false } ], "details":{ "cvss":{ "base":[ ] }, "check_pass":"", "diligence_annotations":{ "message":"Allows insecure protocol: TLSv1.0, Allows insecure protocol: TLSv1.1", "sampleName":"https://11.2.333.444/", "certchain":[ […] { "dnsName":[ "example.com" ], "endDate":"2038-01-15 12:00:00", "issuerName":"C=US,O=CertIssuer Inc,OU=www.certissuer.com,CN=CertIssuer Global Root G2", "keyAlgorithm":"RSA", "keyLength":2048, "serialNumber":"1231231231231231231231231231231231234", "signatureAlgorithm":"SHA256WITHRSA", "startDate":"2013-08-01 12:00:00", "subjectName":"C=US,O=CertIssuer Inc,OU=www.certissuer.com,CN=CertIssuer Global Root G2" } ] "ipBelongs":true }, "final_location":"https://11.2.333.444/", "geo_ip_location":"A1", "country":"Demo Country 1", "grade":"BAD", "observed_ips":[ "11.2.333.444:443" ], "remediations":[ […] { "message":"Allows insecure protocol: TLSv1.1", "help_text":"TLS version 1.1 has been deprecated.", "remediation_tip":"Update your company’s server-configurations to disable this protocol. Refer to the <a href=\"https://weakdh.org/sysadmin.html\" rel=\"noopener\" target=\"_blank\">Guide to Deploying Diffie-Hellman for TLS</a> for explicit instructions." } ], "sample_timestamp":"2023-04-05T12:52:46Z", "vulnerabilities":[ ], "dest_port":443, "rollup_end_date":"2023-04-05", "rollup_start_date":"2022-12-27", "searchable_details":"Allows insecure protocol: TLSv1.0, Allows insecure protocol: TLSv1.1,1111111111111111111111111111111111111111111111,22222222222222222222222222222222222222,3333333333333333333333333333333333333,C=US,O=Example Corporation,CN=Example TLS Issuing CA 02,C=US,O=CertIssuer Inc,OU=www.certissuer.com,CN=CertIssuer Global Root G2,C=US,O=CertIssuer Inc,OU=www.certissuer.com,CN=CertIssuer Global Root G2" }, "evidence_key":"11.2.333.444:443", "first_seen":"2022-12-27", "last_seen":"2023-04-05", "related_findings":[ ], "risk_category":"Diligence", "risk_vector":"ssl_configurations", "risk_vector_label":"SSL Configurations", "rolledup_observation_id":"B-B2bb2BBB222Bbbbbbb2b==", "severity":10.0, "severity_category":"severe", "tags":[ "Guest WiFi", ], "remediation_history":{ "last_requested_refresh_date":null, "last_refresh_status_date":null, "last_refresh_status_label":null, "last_refresh_reason_code":null }, "asset_overrides":[ ], "duration":null, "comments":null, "remaining_decay":59, "remediated":null, "impacts_risk_vector_details":"AFFECTS_RATING" } ] }
Response Attributes
Field | Description | ||||||
---|---|---|---|---|---|---|---|
links Object |
Navigation for multiple pages of results. See pagination. | ||||||
next String |
The URL for navigating to the next page of results. | ||||||
previous String |
The URL for navigating to the previous page of results. | ||||||
count Integer |
The number of findings. | ||||||
results Array |
Finding objects. | ||||||
Object | A finding. | ||||||
temporary_id String |
A temporary identifier for this finding. | ||||||
affects_rating Boolean |
true = This finding has an impact on the risk vector letter grade. |
||||||
assets Array |
Assets relating to this finding. | ||||||
Object | An asset (IP address or domain). | ||||||
asset String |
The asset associated with this finding. | ||||||
identifier Null |
For internal Bitsight use. | ||||||
category String |
The Bitsight-calculated asset importance. | ||||||
importance Decimal |
Reiterates the category field. See asset importance. | ||||||
is_ip Boolean |
true = This asset is an IP address. |
||||||
asset_type String |
The type of asset. | ||||||
is_monitored Boolean |
true = The asset is being monitored. |
||||||
details Object |
Finding details. | ||||||
cvss Object |
If the finding has an associated vulnerability, the CVSS score is listed below. | ||||||
base Array |
CVSS scores of vulnerabilities associated with this finding. | ||||||
check_pass String |
For internal Bitsight use. | ||||||
diligence_annotations Object |
Diligence finding details. | ||||||
message String |
The display name of this finding. | ||||||
sampleName String |
The IP/CIDR range. | ||||||
certchain Array |
Certificate chain details. | ||||||
Object | A certificate in the chain. | ||||||
dnsName Array |
Domains within this chain. | ||||||
endDate String [ |
The date when this certificate expires. | ||||||
issuerName String |
The distinguished name of the certificate issuer, made up of attribute assertion values. | ||||||
keyAlgorithm String |
The algorithm used to encrypt and decrypt messages. | ||||||
keyLength Integer |
The bit strength of this key. See the recommended TLS/SSL key length. | ||||||
serialNumber Integer |
The serial number of this certificate. | ||||||
signatureAlgorithm String |
The signing algorithm used in this certificate. | ||||||
startDate String [ |
The date when this certificate started. | ||||||
subjectName String |
The distinguished name of the owner of the certificate, made up of attribute assertion values. | ||||||
ipBelongs Boolean |
true = The IP address belongs to one of this company’s service providers. |
||||||
final_location String |
The URL. | ||||||
geo_ip_location String |
A 2-letter ISO country code indicating the finding’s country of origin. | ||||||
country String |
The finding’s country of origin. | ||||||
grade String |
The finding grade. | ||||||
observed_ips Array |
Observed IP addresses. | ||||||
remediations Array |
Information about the finding and instructions to remediate it. | ||||||
Object | A finding. | ||||||
message String |
The display name of this finding. | ||||||
help_text String |
Details of this finding. | ||||||
remediation_tip String |
The recommended remediation instructions. | ||||||
sample_timestamp String [ |
The date and time when this finding was observed. | ||||||
vulnerabilities Array |
This is not applicable to TLS/SSL Configuration findings. | ||||||
dest_port Integer |
A compromised device was observed to be sending traffic from this port. | ||||||
rollup_end_date String [ |
The date when this finding was last observed. | ||||||
rollup_start_date String [ |
The date when this finding was first observed. | ||||||
searchable_details String |
Certificate details. | ||||||
evidence_key String |
The asset attributed to the finding. | ||||||
first_seen String [ |
The date when this observation was first seen. | ||||||
last_seen String [ |
The date when this observation was last seen. | ||||||
related_findings Array |
Related findings and their details. | ||||||
risk_category String |
The risk category of this finding. | ||||||
risk_vector String |
The slug name of this risk vector. | ||||||
risk_vector_label String |
The display name of this risk vector. | ||||||
rolledup_observation_id String |
A stable and randomized identifier for findings. It is assigned to a finding when one or more observations with largely similar key properties occur in close succession. | ||||||
severity Decimal |
The finding severity, which is the measured risk that this finding introduces. | ||||||
severity_category String |
The finding severity slug name. | ||||||
tags Array |
Infrastructure tags that identify this asset. | ||||||
remediation_history Object |
The finding’s remediation and refresh history. | ||||||
last_requested_refresh_date String [ |
The date when a finding refresh that included this finding was last requested. | ||||||
last_refresh_status_date String [ |
The date when this finding’s remediation status was last refreshed. | ||||||
last_refresh_status_label String [ |
The current refresh status of this finding. | ||||||
last_refresh_reason_code String [ |
The current remediation status of this finding. | ||||||
asset_overrides Array |
User-assigned asset importance details. | ||||||
duration Integer |
Not applicable to TLS/SSL Configuration findings. | ||||||
comments String |
Finding comments. | ||||||
remaining_decay Integer |
The remaining finding lifetime. | ||||||
remediated Boolean |
|||||||
impacts_risk_vector_details String |
Indicates how the risk vector is impacted. Values:
|
-
January 22, 2025: Added
asset_type
,is_monitored
,sampleName
,ipBelongs
,impacts_risk_vector_details
response fields. - April 18, 2023: Published.
Feedback
0 comments
Please sign in to leave a comment.