GET: Patching Cadence Findings Ingrid https://api.bitsighttech.com/ratings/v1/companies/company_guid/findings?risk_vector=patching_cadence Get an organization’s Patching Cadence finding details. Parameters For details specific to Patching Cadence, use the ?risk_vector=patching_cadence parameter. Other query parameters are listed in GET: Finding Details. Example Request curl https://api.bitsighttech.com/ratings/v1/companies/a940bb61-33c4-42c9-9231-c8194c305db3/findings?risk_vector=patching_cadence -u api_token: Example Response { "links":{ "next":null, "previous":null }, "count":18, "results":[ […] { "temporary_id":"A9Jq47BBje3d147963774e284e3ddcc6542edbfbb0", "affects_rating":true, "assets":[ { "asset":"23.4.136.143", "identifier":null, "category":"low", "importance":0.0, "is_ip":true } ], "details":{ "cvss":{ "base":[ 3.4 ] }, "check_pass":"", "diligence_annotations":{ "remediation_dates":[ { "first":"2019-03-06 12:59:09", "last":"now" } ], "is_remediated":false }, "remediations":[ { "message":"CVE-2014-3566 (POODLE)", "help_text":"The SSLv3 protocol, as used in OpenSSL through 1.0.1i and other products, makes it easier for Man-in-the-middle (MITM) attackers to obtain cleartext data via a padding-oracle attack (a.k.a. POODLE).", "remediation_tip":"Ensure all of your TLS/SSL libraries on the affected machines are up-to-date. Disable SSLv3 support on those servers, as described in <a target=\"new\" href=\"https://disablessl3.com/\">Disable SSLv3</a>." } ], "vulnerability_name":"cve-2014-3566", "vulnerabilities":[ { "name":"CVE-2014-3566", "alias":"POODLE", "display_name":"POODLE", "description":"The SSLv3 protocol, as used in OpenSSL through 1.0.1i and other products, makes it easier for Man-in-the-middle (MITM) attackers to obtain cleartext data via a padding-oracle attack (a.k.a. POODLE).", "remediation_tip":"Ensure all of your TLS/SSL libraries on the affected machines are up-to-date. Disable SSLv3 support on those servers, as described in <a target=\"new\" href=\"https://disablessl3.com/\">Disable SSLv3</a>.", "confidence":"HIGH", "cvss":{ "base":3.4 }, "severity":"Minor" } ], "rollup_end_date":"2023-08-28", "rollup_start_date":"2019-03-06", "searchable_details":"CVE-2014-3566" }, "evidence_key":"23.4.136.143:443", "first_seen":"2019-03-06", "last_seen":"2023-08-28", "related_findings":[ ], "risk_category":"Diligence", "risk_vector":"patching_cadence", "risk_vector_label":"Patching Cadence", "rolledup_observation_id":"wgJohEX15wwNEfyZfyR31A==", "severity":4.3, "severity_category":"moderate", "tags":[ "PrimaryDCHyd", "public" ], "remediation_history":{ "last_requested_refresh_date":"2024-06-19", "last_refresh_status_date":"2024-06-23", "last_refresh_status_label":"failed", "last_refresh_status_reason": "asset_not_found", "last_refresh_reason_code":"asset unreachable", "last_refresh_requester": "1e10564d-fawa-4331-0000-6f7588b55a98", "result_finding_date": null }, "asset_overrides":[ ], "duration":"1637 days", "comments":null, "remaining_decay":292, "remediated":false } ] } Response Attributes Field Description links Object Navigation for multiple pages of results. See pagination. next String The URL for navigating to the next page of results. previous String The URL for navigating to the previous page of results. count Integer The number of findings. results Array Findings and their details. Object A finding. temporary_id String A temporary identifier for this finding. affects_rating Boolean true = This finding has an impact on the risk vector letter grade. assets Array Asset details. Object An asset (IP address or domain). asset String The asset associated with this finding. identifier String This is not applicable to Patching Cadence findings. category String The Bitsight-calculated asset importance. importance Decimal For internal Bitsight use. is_ip Boolean true = This asset is an IP address. details Object Details of this finding. cvss Object If the finding has an associated vulnerability, this contains the CVSS score. base Array CVSS scores of vulnerabilities associated with this finding. check_pass String For internal Bitsight use. diligence_annotations Object Diligence finding details. remediation_dates Array Remediation timeline details. Object The remediation timeline. first String [YYYY-MM-DD HH:MM:SS] The date and time when the finding first appeared. last String When the finding is remediated. is_remediated Boolean true = The finding is remediated. remediations Array Information about the finding and instructions to remediate it, if any. Object The information. message String Details of this finding. help_text String An overview of this finding. remediation_tip String The recommended remediation instructions. vulnerability_name String The vulnerability name or CVE ID. vulnerabilities Array Vulnerabilities affecting the finding. Object A vulnerability and its details. name String The name of the vulnerability. alias String The vulnerability name if it’s a prominent vulnerability. display_name String The vulnerability name if it’s a prominent vulnerability. description String Details about the vulnerability. remediation_tip String Remediation and mitigation instructions. confidence String cvss Object Contains the CVSS score. base Decimal CVSS scores of vulnerabilities associated with this finding. severity String The finding severity, which is the measured risk that this finding introduces. rollup_end_date String [YYYY-MM-DD] The date when this finding was last observed. rollup_start_date String [YYYY-MM-DD] The date when this finding was first observed. searchable_details String Details that can be searched in the Bitsight platform. evidence_key String The asset attributed to the finding. first_seen String [YYYY-MM-DD] The date when this observation was first seen. last_seen String [YYYY-MM-DD] The date when this observation was last seen. related_findings Array Related findings and their details. risk_category String The risk category of this finding. risk_vector String The slug name of this risk vector. risk_vector_label String The display name of this risk vector. rolledup_observation_id String A stable and randomized identifier for findings. It is assigned to a finding when one or more observations with largely similar key properties occur in close succession. severity Decimal The finding severity, which is the measured risk that this finding introduces. severity_category String The finding severity slug name. tags Array Infrastructure tags identifying this asset. remediation_history Object If ?expand=remediation_history parameter is set, the remediation history of the finding is included. last_requested_refresh_date String [YYYY‑MM‑DD] The date when a finding rescan that included this finding was last requested. last_refresh_status_date String [YYYY‑MM‑DD] The date when a rescan of the remediation status of this finding was last requested. last_refresh_status_label String The current rescan status of this finding. last_refresh_status_reason String The rescan status. last_refresh_reason_code String The reason code for the rescan status. last_refresh_requester String [user_guid] The unique identifier of the user who requested the rescan. result_finding_date String [YYYY-MM-DD] The first seen date of the finding that resulted from the rescan, if applicable. asset_overrides Array User-assigned asset importance details. duration String This finding’s duration. comments Null Finding comments. remaining_decay Integer The remaining finding lifetime. remediated Boolean true = The finding is remediated. February 28, 2025: Added last_refresh_status_reason, last_refresh_reason_code, last_refresh_requester, and result_finding_date response attributes. September 7, 2023: Separated from GET Diligence Finding Details; More details on the vulnerability, remediation, and data confidence based on the evidence. Related articles GET: Finding Details Patching Cadence Findings Endpoints Continuous Monitoring Application TLS/SSL Finding Remediation & Remediation Verification Feedback 0 comments Please sign in to leave a comment.