GET https://api.bitsighttech.com/ratings/v1/companies/company_guid/findings?risk_vector=web_appsec

Get an organization’s Web Application Security finding details.
Evidence Details

The details in the evidences field vary by assessment. The assessments, grouped by the category of weakness they test for, are:
- Cross-Site Scripting: cross_domain_subresource_integrity_check, cross_domain_subresource_integrity_failure, content_security_policy, csp_violation, javascript_library_vulnerabilities
- Components with Known Vulnerabilities: exposed_csm_admin_page
- Broken Authentication and Access Control: cross_site_request_forgery, authentication_on_insecure_channel, secure_cookie_on_insecure_channel
- Sensitive Data Exposure: session_token_in_url, mixed_content, hsts_preload_present, cookie_same_site_attribute, cookie_same_site_blocked, unsafe_referrer_policy, internal_server_error
- Security Misconfiguration: reverse_tabnabbing, tls_error, directory_listing_exposure, cors_violation, permissive_cors_whitelist, https_to_http_redirect
Parameters

To restrict results to Web Application Security findings, use the ?risk_vector=web_appsec query parameter. Other query parameters are listed in GET: Finding Details.
Example Request
```shell
# The URL is quoted so the shell does not interpret "?" and "&";
# "-u api_token:" sends the API token as the HTTP Basic user name with an empty password.
curl "https://api.bitsighttech.com/ratings/v1/companies/a940bb61-33c4-42c9-9231-c8194c305db3/findings?risk_vector=web_appsec" -u api_token:
```
Example Response
```json
{
  "links": {
    "next": "https://api.bitsighttech.com/ratings/v1/companies/a940bb61-33c4-42c9-9231-c8194c305db3/findings?limit=100&offset=100&risk_vector=web_appsec",
    "previous": null
  },
  "count": 169,
  "results": [
    […]
    {
      "temporary_id": "A9Jq47BBjed53f930d7ef87e2ffd133788f5f5317177e540b2d71f5ee5df68361677cc23b4",
      "affects_rating": false,
      "assets": [
        {
          "asset": "example.domain.org",
          "identifier": null,
          "category": "critical",
          "importance": 0.1,
          "is_ip": false,
          "asset_type": "Domain"
        }
      ],
      "details": {
        "cvss": {
          "base": []
        },
        "check_pass": "",
        "diligence_annotations": {
          "evidences": [
            […]
            {
              "status": "Failed",
              "severity": "Minor",
              "assessmentName": "authentication_on_insecure_channel"
            }
          ]
        },
        "failed_evidence": 2,
        "grade": "NEUTRAL",
        "remediations": [
          […]
        ],
        "sample_timestamp": "2023-12-13T01:00:13Z",
        "total_evidence": 2,
        "vulnerabilities": [],
        "assessment_name": "cross_site_request_forgery",
        "rollup_end_date": "2023-12-13",
        "rollup_start_date": "2023-12-13",
        "searchable_details": "Cross Site Request Forgery"
      },
      "evidence_key": "example.domain.org:80",
      "first_seen": "2023-12-13",
      "last_seen": "2023-12-13",
      "related_findings": [],
      "risk_category": "Diligence",
      "risk_vector": "web_appsec",
      "risk_vector_label": "Web Application Security",
      "rolledup_observation_id": "mG2JT3rQ-xicbspF-lJWjw==",
      "severity": 1.0,
      "severity_category": "minor",
      "tags": [
        "adsfasdfafa"
      ],
      "remediation_history": {
        "last_requested_refresh_date": "2024-06-19",
        "last_refresh_status_date": "2024-06-23",
        "last_refresh_status_label": "failed",
        "last_refresh_status_reason": "asset_not_found",
        "last_refresh_reason_code": "asset unreachable",
        "last_refresh_requester": "1e10564d-fawa-4331-0000-6f7588b55a98",
        "result_finding_date": null
      },
      "asset_overrides": [],
      "duration": null,
      "comments": null,
      "remaining_decay": null,
      "remediated": null,
      "impacts_risk_vector_details": "LIFETIME_EXPIRED"
    }
  ]
}
```

The evidence objects inside details.diligence_annotations.evidences carry fields that are specific to the assessment named in assessmentName (see Evidence Details above).
Response Attributes

Top-level fields:

Field | Type | Description
---|---|---
links | Object | Navigation for multiple pages of results. See pagination.
links.next | String | The URL for navigating to the next page of results.
links.previous | String | The URL for navigating to the previous page of results.
count | Integer | The number of findings.
results | Array | Findings and their details. Each element is an object describing one finding.

Fields of each object in results:

Field | Type | Description
---|---|---
temporary_id | String | A temporary identifier for this finding.
affects_rating | Boolean | true = This finding impacts the letter grade.
assets | Array | Asset details. Each element is an object describing one asset (see below).
details | Object | Details of this finding (see below).
evidence_key | String | The asset (domain or IP address) that’s attributed to this finding.
first_seen | String | The date when this finding was first observed.
last_seen | String | The date when this finding was last observed.
related_findings | Array | Related findings and their details.
risk_category | String | The risk category.
risk_vector | String | The risk vector slug name.
risk_vector_label | String | The risk vector display name.
rolledup_observation_id | String | A stable and randomized identifier for findings. It is assigned to a finding when one or more observations with largely similar key properties occur in close succession.
severity | Decimal | This finding’s Bitsight severity.
severity_category | String | This finding’s Bitsight severity.
tags | Array | Infrastructure tags identifying the asset.
remediation_history | Object | If the ?expand=remediation_history parameter is set, the remediation history of the finding is included (see below).
asset_overrides | Array | User-assigned asset importance details.
duration | Null | For internal Bitsight use.
comments | Null | A thread of finding comments.
remaining_decay | Integer | The remaining finding lifetime.
remediated | Boolean | true = The finding is remediated.
impacts_risk_vector_details | String |

Fields of each object in assets:

Field | Type | Description
---|---|---
asset | String | The asset name.
identifier | Null | For internal Bitsight use.
category | String | The Bitsight-calculated asset importance.
importance | Decimal | The Bitsight-calculated asset importance.
is_ip | Boolean | true = This asset is an IP address.
asset_type | String | The type of asset.

Fields of details:

Field | Type | Description
---|---|---
cvss | Object | If the finding has an associated vulnerability, this contains the CVSS score.
cvss.base | Array | CVSS scores of vulnerabilities associated with this finding.
check_pass | String | For internal Bitsight use.
diligence_annotations | Object | Diligence finding details.
diligence_annotations.evidences | Array | Evidence collected when a specific web application was assessed. Each element is an object of collected evidence whose fields are specific to the assessment (see Evidence Details above); the fields common to all assessments are listed next.
diligence_annotations.evidences[].status | String | The assessment results or status.
diligence_annotations.evidences[].severity | String | The finding severity.
diligence_annotations.evidences[].assessmentName | String | The assessment name that the evidence is associated with.
failed_evidence | Integer | The number of findings with failing evidence.
grade | String | The finding grade.
remediations | Array | Information about the finding and instructions to remediate it.
sample_timestamp | String | The date and time when this finding was observed.
total_evidence | Integer | The total number of available evidence.
vulnerabilities | Array | This is not applicable to Web Application Security findings.
assessment_name | String | The assessment name that the evidence is associated with.
rollup_end_date | String | The date when this finding was last observed.
rollup_start_date | String | The date when this finding was first observed.
searchable_details | String | Details that can be searched in the Bitsight platform.

Fields of remediation_history:

Field | Type | Description
---|---|---
last_requested_refresh_date | String | The date when a finding rescan that included this finding was last requested.
last_refresh_status_date | String | The date when a rescan of the remediation status of this finding was last requested.
last_refresh_status_label | String | The current rescan status of this finding.
last_refresh_status_reason | String | The rescan status.
last_refresh_reason_code | String | The reason code for the rescan status.
last_refresh_requester | String | The unique identifier of the user who requested the rescan.
result_finding_date | String | The first seen date of the finding that resulted from the rescan, if applicable.
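The following is an added example, not Bitsight's own client code, showing how a consumer of this endpoint would be written against the response shape documented above: it builds the request URL with the ?risk_vector=web_appsec parameter, forms the HTTP Basic header that the curl form `-u api_token:` implies, follows links.next until it is null, and then counts failing evidence per assessmentName across all findings so that, for example, every asset failing authentication_on_insecure_channel is listed together. The network call is abstracted behind a caller-supplied `get_json(url)` callable (an assumption made so the example runs offline); SAMPLE_PAGES is constructed sample data modelled on the page's example response, and the "Passed" status value in it is likewise a constructed assumption.

```python
"""Consume paginated Web Application Security findings and summarise
failed evidence per assessment. Added example; not Bitsight's code."""
import base64
import json
from collections import defaultdict
from urllib.parse import urlencode

BASE_URL = "https://api.bitsighttech.com/ratings/v1"  # from the page


def auth_header(api_token: str) -> str:
    """The page's curl form is `-u api_token:`, i.e. HTTP Basic auth with the
    token as the user name and an empty password. Returns the header value."""
    raw = f"{api_token}:".encode()
    return "Basic " + base64.b64encode(raw).decode()


def findings_url(company_guid: str, **params) -> str:
    """Build the findings URL; risk_vector=web_appsec selects this risk vector.
    Extra query parameters (limit, offset, expand, ...) are appended."""
    query = {"risk_vector": "web_appsec", **params}
    return f"{BASE_URL}/companies/{company_guid}/findings?{urlencode(query)}"


def fetch_all_findings(get_json, first_url):
    """Follow links.next until it is null, concatenating every page's results.
    `get_json(url)` is a caller-supplied callable (hypothetical; wrap requests
    or urllib and send the Authorization header from auth_header())."""
    url = first_url
    findings = []
    while url:
        page = get_json(url)
        findings.extend(page.get("results", []))
        url = page.get("links", {}).get("next")
    return findings


def summarize_failed_evidence(findings):
    """Map assessmentName -> {"assets": [...], "failed": n}, counting only
    evidence entries whose status is "Failed". evidence_key identifies the
    asset (host:port) the finding is attributed to."""
    summary = defaultdict(lambda: {"assets": set(), "failed": 0})
    for finding in findings:
        details = finding.get("details", {})
        evidences = details.get("diligence_annotations", {}).get("evidences", [])
        for ev in evidences:
            if ev.get("status") != "Failed":
                continue
            entry = summary[ev["assessmentName"]]
            entry["failed"] += 1
            entry["assets"].add(finding.get("evidence_key"))
    return {name: {"assets": sorted(v["assets"]), "failed": v["failed"]}
            for name, v in summary.items()}


# Constructed sample: two pages shaped like the page's example response,
# keyed by URL so SAMPLE_PAGES.__getitem__ can stand in for get_json().
SAMPLE_PAGES = {
    "page1": {
        "links": {"next": "page2", "previous": None},
        "count": 2,
        "results": [{
            "evidence_key": "example.domain.org:80",
            "details": {
                "assessment_name": "cross_site_request_forgery",
                "diligence_annotations": {"evidences": [
                    {"status": "Failed", "severity": "Minor",
                     "assessmentName": "authentication_on_insecure_channel"},
                    {"status": "Failed", "severity": "Minor",
                     "assessmentName": "cross_site_request_forgery"},
                ]},
                "failed_evidence": 2, "total_evidence": 2},
        }],
    },
    "page2": {
        "links": {"next": None, "previous": "page1"},
        "count": 2,
        "results": [{
            "evidence_key": "example.domain.org:443",
            "details": {
                "assessment_name": "content_security_policy",
                "diligence_annotations": {"evidences": [
                    {"status": "Passed", "severity": "",  # constructed value
                     "assessmentName": "content_security_policy"},
                    {"status": "Failed", "severity": "Minor",
                     "assessmentName": "authentication_on_insecure_channel"},
                ]},
                "failed_evidence": 1, "total_evidence": 2},
        }],
    },
}


def run_sample():
    """Walk both constructed pages and return the per-assessment summary."""
    findings = fetch_all_findings(SAMPLE_PAGES.__getitem__, "page1")
    return summarize_failed_evidence(findings)


if __name__ == "__main__":
    print(json.dumps(run_sample(), indent=2))
```

Against a live tenant, `first_url` would be `findings_url(company_guid, limit=100)` and `get_json` a thin wrapper that performs the GET with the Authorization header and returns the parsed body; the pagination loop stops on the null links.next shown in the example response.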
- February 28, 2025: Added last_refresh_status_reason, last_refresh_reason_code, last_refresh_requester, and result_finding_date response attributes.
- July 17, 2024: sampled no longer supported.
- May 15, 2024: Assessment annotations grouped by assessment into evidences field.
Feedback
3 comments
The page is supposed to be about the API for Web Application Security, but it contains content related to botnet infections.
This page is describing botnet infections instead of web app sec. Since the details vary per vector, this means the models for the new web app sec findings are not documented anywhere. Could you please update? This was reported by another user 3 weeks ago. Is there a better channel to report this sort of issue?
Sorry for the slow response. This error is now fixed.