Publication Date – September 25, 2023
https://api.bitsighttech.com/ratings/v1/companies/company_guid/findings?risk_vector=insecure_systems
Get an organization’s Insecure Systems finding details.
Parameters
For details specific to Insecure Systems, use the ?risk_vector=insecure_systems parameter. Other query parameters are listed in GET: Finding Details.
Example Request
curl https://api.bitsighttech.com/ratings/v1/companies/a940bb61-33c4-42c9-9231-c8194c305db3/findings?risk_vector=insecure_systems -u api_token:
Example Response
{
"links":{
"next":null,
"previous":null
},
"count":13,
"results":[
[…]
{
"temporary_id":"A9Jq47BBje9af792864beec391ad7c979da67673ec",
"pcap_id":"UENBUHBjYXBQQ0FQcGNhcBOSSRTXE8YdG7wF5P1j_0CHKbTTR_8mQXRlxhbUvm4pvuvr2UrfTgurtPLSvWdE39Pup3kRfq95kPw9I3v-R3M=",
"affects_rating":false,
"assets":[
{
"asset":"137.117.206.1",
"identifier":null,
"category":"low",
"importance":0.0,
"is_ip":true
}
],
"details":{
"cvss":{
"base":[ ]
},
"check_pass":"",
"diligence_annotations":{
"message":"Service: Netbios",
"risks":[
"Hijack - Domain owners can interact with endpoints potentially hijacking NTLM creds."
],
"source_ip":"137.117.206.1"
},
"geo_ip_location":"NL",
"country":"Netherlands",
"grade":"BAD",
"remediations":[ ],
"sample_timestamp":"2022-09-13T09:33:40Z",
"sample_count":1,
"vulnerabilities":[ ],
"dest_port":445,
"rollup_end_date":"2022-09-13",
"rollup_start_date":"2022-09-13",
"searchable_details":"Service: Netbios",
"src_port":1025
},
"evidence_key":"137.117.206.1",
"first_seen":"2022-09-13",
"last_seen":"2022-09-13",
"related_findings":[ ],
"risk_category":"Diligence",
"risk_vector":"insecure_systems",
"risk_vector_label":"Insecure Systems",
"rolledup_observation_id":"CkdF7UmgfzbspiRFxA8eKA==",
"severity":10.0,
"severity_category":"severe",
"tags":[ ],
"remediation_history":{
"last_requested_refresh_date":null,
"last_refresh_status_date":null,
"last_refresh_status_label":null,
"last_refresh_reason_code":null
},
"asset_overrides":[ ],
"duration":null,
"comments":null,
"remaining_decay":null,
"remediated":null
}
]
}
Response Attributes
| Field | Description | ||||
|---|---|---|---|---|---|
linksObject |
Navigation for multiple pages of results. See pagination. | ||||
nextString |
The URL for navigating to the next page of results. | ||||
previousString |
The URL for navigating to the previous page of results. | ||||
countInteger |
The number of findings. | ||||
resultsArray |
Findings and their details. | ||||
| Object | A finding. | ||||
temporary_idString |
A temporary identifier for this finding. | ||||
pcap_idString |
The packet capture (PCAP or libpcap) ID. | ||||
affects_ratingBoolean |
true = This finding has an impact on the risk vector letter grade. |
||||
assetsArray |
Asset details. | ||||
| Object | An asset (IP address or domain). | ||||
assetString |
The asset associated with this finding. | ||||
identifierNull |
This is not applicable to Insecure System findings. | ||||
categoryString |
The Bitsight-calculated asset importance. | ||||
importanceDecimal |
For internal Bitsight use. | ||||
is_ipBoolean |
true = The asset is an IP address. | ||||
detailsObject |
Details of this finding. | ||||
cvssObject |
If the finding has an associated vulnerability, this contains the CVSS score. | ||||
baseArray |
CVSS scores of vulnerabilities associated with this finding. | ||||
check_passString |
For internal Bitsight use. | ||||
diligence_annotationsObject |
Diligence finding details. | ||||
messageString |
The display name of this finding. | ||||
risksArray |
A description of the risks involved with this system. | ||||
source_ipString |
The IP address of this insecure system. | ||||
geo_ip_locationString |
A 2-letter ISO country code indicating this finding’s country of origin. | ||||
countryString |
This finding’s country of origin. | ||||
gradeString |
The finding grade. | ||||
remediationsArray |
Information about the finding and instructions to remediate it, if any. | ||||
sample_timestampString [ YYYY-MM-DDTHH:MM:SSZ] |
The date and time when this finding was observed. | ||||
sample_countInteger |
|||||
vulnerabilitiesArray |
Not applicable to Insecure System findings. | ||||
dest_portInteger |
The destination port. | ||||
rollup_end_dateString [ YYYY-MM-DD] |
The date when this finding was last observed. | ||||
rollup_start_dateString [ YYYY-MM-DD] |
The date when this finding was first observed. | ||||
searchable_detailsString |
Details that can be searched in the Bitsight platform. | ||||
src_portInteger |
The source port. | ||||
evidence_keyString |
The asset (domain or IP address) that’s attributed to this finding. | ||||
first_seenString [ YYYY-MM-DD] |
The date when this finding was first observed. | ||||
last_seenString [ YYYY-MM-DD] |
The date when this finding was last observed. | ||||
related_findingsArray |
Findings and their details. | ||||
risk_categoryString |
The risk category. | ||||
risk_vectorString |
The risk vector slug name. | ||||
risk_vector_labelString |
The risk vector display name. | ||||
rolledup_observation_idString |
The rolled up ID for identifying the finding. | ||||
severityDecimal |
This finding’s Bitsight severity. | ||||
severity_categoryString |
This finding’s Bitsight severity. | ||||
tagsArray |
Infrastructure tags identifying the asset. | ||||
remediation_historyObject |
The finding’s remediation and refresh history. | ||||
last_requested_refresh_dateString [ YYYY-MM-DD] |
The date when a finding refresh that included this finding was last requested. | ||||
last_refresh_status_dateString [ YYYY-MM-DD] |
The date when this finding’s remediation status was last refreshed. | ||||
last_refresh_status_labelString [ YYYY-MM-DD] |
The current refresh status of this finding. | ||||
last_refresh_reason_codeString [ YYYY-MM-DD] |
The current remediation status of this finding. | ||||
asset_overridesArray |
User-assigned asset importance details. | ||||
durationNull |
For internal Bitsight use. | ||||
commentsString |
A thread of finding comments. | ||||
remaining_decayInteger [ Calendar Days] |
The remaining finding lifetime. | ||||
remediatedBoolean |
true = The finding is remediated. |
||||