Skip to main content
Security Performance Management
Continuous Monitoring
Vendor Risk Management
Trust Management Hub
Cyber Insurance
National Cybersecurity

POST: Create an Underwriting Guideline

Ingrid

⇤ Underwriting Guidelines

https://api.bitsighttech.com/ratings/v1/underwriting-guidelines

Create a new underwriting guideline.

Only Admin can create underwriting guidelines. See underwriting guideline user permissions.

Parameters

* Required.

Parameter Values 
risk_vectors

* [Body] Define the guidelines for each risk vector.

[Array]

"risk_vectors": [
  {
    […]
  }
  
risk_vector_slug

* [Body] Identify the risk vector.

 [String] The risk vector slug. See risk types. 
minimum_grade

* [Body] Set the minimum risk vector grade.

 [String] A - F 
is_active

* [Body] Determine if the minimum risk vector grade should be active for comparison.

[Boolean]

  • true = Risk vector and its minimum grade are active for comparison.
  • false = Risk vector and its minimum grade are not active for comparison.
 
threats

[Query] Filter by threats.

 [Array] Comma-separated threat unique identifiers [threat_guid]. See GET: Underwriting Guidelines. 
threat_groups

[Query] Filter by threat groups.

 [Array] Comma-separated threat group unique identifiers [threat_group_guid]. See GET: Underwriting Guidelines. 
infections

[Query] Filter by infections.

 [Array] Infection IDs.

Example Request

curl -X POST –data-ascii '{
  "risk_vectors": [
    {
      "risk_vector_slug": "application_security",
      "minimum_grade": "A",
      "is_active": true
    }
  ],
  "threats": ["a940bb61-33c4-42c9-1234-c8194c305db3", "a940bb61-33c4-42c9-1234-c8194c305db3", ],
  "threat_groups": ["a940bb61-33c4-42c9-1234-c8194c305db3", "a940bb61-33c4-42c9-1234-c8194c305db3", ],
  "infections": [135, 214, ]
}' https://api.bitsighttech.com/ratings/v1/underwriting-guidelines -u api_token: --header "Content-Type:application/json"

Example Response

[
  […]
  {
    "guid": "m521bb61-33c4-42c9-1234-c8194c305db3",
    "risk_vectors": [
      […]
      {
        "risk_vector_slug": "application_security",
        "minimum_grade": "A",
        "is_active": true,
        "risk_vector_category": "Diligence"
      }
    ],
    "threats": [
      […]
      {
        "guid": "a940bb61-33c4-42c9-1234-c8194c305db3",
      }
    ],
    "threat_groups": [
      […]
      {
        "guid": "a940bb61-33c4-42c9-1234-c8194c305db3",
      }
    ],
    ],
    "infections": [
      […]
      {
        "id": 135
      }
    ],
    "updated_time": "2023-03-30T10:41:02.404000Z"
  }
]

Status Codes

Code Description
201 – Success The request was successfully submitted.
400 – Bad Request This can often be due to missing a required parameter.
401 – No Authentication No valid API token was provided.
403 – Unauthorized You do not have permission to access this resource.
404 – Not Found The specified resource could not be found.
  • August 20, 2024: infections parameters.
  • April 9, 2024: threats & threat_groups parameters.
  • April 28, 2023: Published.

Related articles

Feedback

0 comments

Please sign in to leave a comment.