https://api.bitsighttech.com/ratings/v1/companies/company_guid/findings?risk_vector=ssl_configurations
Get TLS/SSL Configurations finding details.
Parameters
For details specific to TLS/SSL Configurations, use the ?risk_vector=ssl_configurations parameter. Other query parameters are listed in GET: Finding Details.
Example Request
curl https://api.bitsighttech.com/ratings/v1/companies/a940bb61-33c4-42c9-9231-c8194c305db3/findings?risk_vector=ssl_configurations -u api_token:
Example Response
{
"links":{
"next":"https://api.bitsighttech.com/ratings/v1/companies/a940bb61-33c4-42c9-9231-c8194c305db3/findings?limit=100&offset=100&risk_vector=ssl_configurations",
"previous":null
},
"count":1533,
"results":[
{
"temporary_id":"A1Aa11AAaaaa11111a1a11aa11a1aaa1a111aaa111",
"affects_rating":true,
"assets":[
{
"asset":"22.2.222.222",
"identifier":null,
"category":"low",
"importance":0.0,
"is_ip":true,
"asset_type":"Domain",
"is_monitored":false
}
],
"details":{
"cvss":{
"base":[ ]
},
"check_pass":"",
"diligence_annotations":{
"message":"Allows insecure protocol: TLSv1.0, Allows insecure protocol: TLSv1.1",
"sampleName":"https://11.2.333.444/",
"certchain":[
[…]
{
"dnsName":[
"example.com"
],
"endDate":"2038-01-15 12:00:00",
"issuerName":"C=US,O=CertIssuer Inc,OU=www.certissuer.com,CN=CertIssuer Global Root G2",
"keyAlgorithm":"RSA",
"keyLength":2048,
"serialNumber":"1231231231231231231231231231231231234",
"signatureAlgorithm":"SHA256WITHRSA",
"startDate":"2013-08-01 12:00:00",
"subjectName":"C=US,O=CertIssuer Inc,OU=www.certissuer.com,CN=CertIssuer Global Root G2"
}
]
"ipBelongs":true
},
"final_location":"https://11.2.333.444/",
"geo_ip_location":"A1",
"country":"Demo Country 1",
"grade":"BAD",
"observed_ips":[
"11.2.333.444:443"
],
"remediations":[
[…]
{
"message":"Allows insecure protocol: TLSv1.1",
"help_text":"TLS version 1.1 has been deprecated.",
"remediation_tip":"Update your company’s server-configurations to disable this protocol. Refer to the <a href=\"https://weakdh.org/sysadmin.html\" rel=\"noopener\" target=\"_blank\">Guide to Deploying Diffie-Hellman for TLS</a> for explicit instructions."
}
],
"sample_timestamp":"2023-04-05T12:52:46Z",
"vulnerabilities":[ ],
"dest_port":443,
"rollup_end_date":"2023-04-05",
"rollup_start_date":"2022-12-27",
"searchable_details":"Allows insecure protocol: TLSv1.0, Allows insecure protocol: TLSv1.1,1111111111111111111111111111111111111111111111,22222222222222222222222222222222222222,3333333333333333333333333333333333333,C=US,O=Example Corporation,CN=Example TLS Issuing CA 02,C=US,O=CertIssuer Inc,OU=www.certissuer.com,CN=CertIssuer Global Root G2,C=US,O=CertIssuer Inc,OU=www.certissuer.com,CN=CertIssuer Global Root G2"
},
"evidence_key":"11.2.333.444:443",
"first_seen":"2022-12-27",
"last_seen":"2023-04-05",
"related_findings":[ ],
"risk_category":"Diligence",
"risk_vector":"ssl_configurations",
"risk_vector_label":"SSL Configurations",
"rolledup_observation_id":"B-B2bb2BBB222Bbbbbbb2b==",
"severity":10.0,
"severity_category":"severe",
"tags":[
"Guest WiFi",
],
"remediation_history":{
"last_requested_refresh_date":"2024-06-19",
"last_refresh_status_date":"2024-06-23",
"last_refresh_status_label":"failed",
"last_refresh_status_reason": "asset_not_found",
"last_refresh_reason_code":"asset unreachable",
"last_refresh_requester": "1e10564d-fawa-4331-0000-6f7588b55a98",
"result_finding_date": null
},
"asset_overrides":[ ],
"duration":null,
"comments":null,
"remaining_decay":59,
"remediated":null,
"impacts_risk_vector_details":"AFFECTS_RATING"
}
]
}
Response Attributes
| Field | Description | ||||||
|---|---|---|---|---|---|---|---|
links Object |
Navigation for multiple pages of results. See pagination. | ||||||
next String |
The URL for navigating to the next page of results. | ||||||
previous String |
The URL for navigating to the previous page of results. | ||||||
count Integer |
The number of findings. | ||||||
results Array |
Finding objects. | ||||||
| Object | A finding. | ||||||
temporary_id String |
A temporary identifier for this finding. | ||||||
affects_rating Boolean |
true = This finding has an impact on the risk vector letter grade. |
||||||
assets Array |
Assets relating to this finding. | ||||||
| Object | An asset (IP address or domain). | ||||||
asset String |
The asset associated with this finding. | ||||||
identifier Null |
For internal Bitsight use. | ||||||
category String |
The Bitsight-calculated asset importance. | ||||||
importance Decimal |
Reiterates the category field. See asset importance. | ||||||
is_ip Boolean |
true = This asset is an IP address. |
||||||
asset_type String |
The type of asset. | ||||||
is_monitored Boolean |
true = The asset is being monitored. |
||||||
details Object |
Finding details. | ||||||
cvss Object |
If the finding has an associated vulnerability, the CVSS score is listed below. | ||||||
base Array |
CVSS scores of vulnerabilities associated with this finding. | ||||||
check_pass String |
For internal Bitsight use. | ||||||
diligence_annotations Object |
Diligence finding details. | ||||||
message String |
The display name of this finding. | ||||||
sampleName String |
The IP/CIDR range. | ||||||
certchain Array |
Certificate chain details. | ||||||
| Object | A certificate in the chain. | ||||||
dnsName Array |
Domains within this chain. | ||||||
endDate String [ |
The date when this certificate expires. | ||||||
issuerName String |
The distinguished name of the certificate issuer, made up of attribute assertion values. | ||||||
keyAlgorithm String |
The algorithm used to encrypt and decrypt messages. | ||||||
keyLength Integer |
The bit strength of this key. See the recommended TLS/SSL key length. | ||||||
serialNumber Integer |
The serial number of this certificate. | ||||||
signatureAlgorithm String |
The signing algorithm used in this certificate. | ||||||
startDate String [ |
The date when this certificate started. | ||||||
subjectName String |
The distinguished name of the owner of the certificate, made up of attribute assertion values. | ||||||
ipBelongs Boolean |
true = The IP address belongs to one of this company’s service providers. |
||||||
final_location String |
The URL. | ||||||
geo_ip_location String |
A 2-letter ISO country code indicating the finding’s country of origin. | ||||||
country String |
The finding’s country of origin. | ||||||
grade String |
The finding grade. | ||||||
observed_ips Array |
Observed IP addresses. | ||||||
remediations Array |
Information about the finding and instructions to remediate it. | ||||||
| Object | A finding. | ||||||
message String |
The display name of this finding. | ||||||
help_text String |
Details of this finding. | ||||||
remediation_tip String |
The recommended remediation instructions. | ||||||
sample_timestamp String [ |
The date and time when this finding was observed. | ||||||
vulnerabilities Array |
This is not applicable to TLS/SSL Configuration findings. | ||||||
dest_port Integer |
A compromised device was observed to be sending traffic from this port. | ||||||
rollup_end_date String [ |
The date when this finding was last observed. | ||||||
rollup_start_date String [ |
The date when this finding was first observed. | ||||||
searchable_details String |
Certificate details. | ||||||
evidence_key String |
The asset attributed to the finding. | ||||||
first_seen String [ |
The date when this observation was first seen. | ||||||
last_seen String [ |
The date when this observation was last seen. | ||||||
related_findings Array |
Related findings and their details. | ||||||
risk_category String |
The risk category of this finding. | ||||||
risk_vector String |
The slug name of this risk vector. | ||||||
risk_vector_label String |
The display name of this risk vector. | ||||||
rolledup_observation_id String |
A stable and randomized identifier for findings. It is assigned to a finding when one or more observations with largely similar key properties occur in close succession. | ||||||
severity Decimal |
The finding severity, which is the measured risk that this finding introduces. | ||||||
severity_category String |
The finding severity slug name. | ||||||
tags Array |
Infrastructure tags that identify this asset. | ||||||
remediation_history Object |
If ?expand=remediation_history parameter is set, the remediation history of the finding is included. |
||||||
last_requested_refresh_date String [ |
The date when a finding rescan that included this finding was last requested. | ||||||
last_refresh_status_date String [ |
The date when a rescan of the remediation status of this finding was last requested. | ||||||
last_refresh_status_label String |
The current rescan status of this finding. | ||||||
last_refresh_status_reason String |
The rescan status. | ||||||
last_refresh_reason_code String |
The reason code for the rescan status. | ||||||
last_refresh_requester String [ |
The unique identifier of the user who requested the rescan. | ||||||
result_finding_date String [ |
The first seen date of the finding that resulted from the rescan, if applicable. | ||||||
asset_overrides Array |
User-assigned asset importance details. | ||||||
duration Integer |
Not applicable to TLS/SSL Configuration findings. | ||||||
comments String |
Finding comments. | ||||||
remaining_decay Integer |
The remaining finding lifetime. | ||||||
remediated Boolean |
|||||||
impacts_risk_vector_details String |
Indicates how the risk vector is impacted. Values:
|
||||||
-
February 28, 2025: Added
last_refresh_status_reason,last_refresh_reason_code,last_refresh_requester, andresult_finding_dateresponse attributes. -
January 22, 2025: Added
asset_type,is_monitored,sampleName,ipBelongs,impacts_risk_vector_detailsresponse fields. - April 18, 2023: Published.
Feedback
0 comments
Please sign in to leave a comment.