Security Performance Management
Continuous Monitoring
Cyber Insurance
National Cybersecurity

Articles in this section

See more

GET: Server Software Finding Details

Avatar
Ingrid
Follow
Publication Date – September 26, 2023

⇤ Findings

https://api.bitsighttech.com/ratings/v1/companies/company_guid/findings?risk_vector=server_software

Get an organization’s Server Software finding details.

Parameters

For details specific to Server Software, use the ?risk_vector=server_software parameter. Other query parameters are listed in GET: Finding Details.

Example Request

curl https://api.bitsighttech.com/ratings/v1/companies/a940bb61-33c4-42c9-9231-c8194c305db3/findings?risk_vector=server_software -u api_token:

Example Response

{
  "links":{
      "next":null,
      "previous":null
  },
  "count":13,
  "results":[
    […]
    {
      "temporary_id":"A9Jq47BBje3ff2913a5e18d1cb127402aa1209f3ea",
      "pcap_id":"UENBUHBjYXBQQ0FQcGNhcPmm1cVnxXe1XdjWaSuFKFRoNhN2q0aYtxOmuvofUnsU01_2PhvV9dhk5Y0LBZ9I7paQ30uU5Ni99PtHWfMOs4A=",
      "affects_rating":true,
      "assets":[
        {
          "asset":"63.208.139.45",
          "identifier":null,
          "category":"low",
          "importance":0.0,
          "is_ip":true
        }
      ],
      "details":{
        "cvss":{
          "base":[ ]
        },
        "check_pass":"",
        "diligence_annotations":{
          "message":"Remote management: Symantec EPM",
          "risks":[
            "Hijack - Domain owners can interact with endpoints potentially interfering with patch or endpoint management."
          ],
          "references":[
            "https://support.symantec.com/en_US/article.HOWTO80785.html",
            "https://www.symantec.com/products/threat-protection/endpoint-management"
          ],
          "source_ip":"63.208.139.45",
          "path_info":"/secars/secars.dll"
        },
        "geo_ip_location":"US",
        "country":"United States",
        "grade":"BAD",
        "remediations":[
          {
            "message":"Remote management: Symantec EPM",
            "help_text":"Corporate endpoints are contacting abandoned domains from Symantec Endpoint Protection Manager.",
            "remediation_tip":"Track down the endpoint system by using the available details, and then reinstall or remove the related insecure application."
          }
        ],
        "sample_timestamp":"2023-09-24T18:59:16Z",
        "sample_count":1,
        "sample_values":"[UA: Sylink]",
        "server_name":"SAPPSEPP01V",
        "user_agent":"Sylink",
        "vulnerabilities":[ ],
        "dest_port":8014,
        "rollup_end_date":"2023-09-24",
        "rollup_start_date":"2023-09-24",
        "searchable_details":"Remote management: Symantec EPM",
        "src_port":49690
      },
      "evidence_key":"63.208.139.45",
      "first_seen":"2023-09-24",
      "last_seen":"2023-09-24",
      "related_findings":[ ],
      "risk_category":"Diligence",
      "risk_vector":"insecure_systems",
      "risk_vector_label":"Insecure Systems",
      "rolledup_observation_id":"RSf_fGg2KrXH894SLes14g==",
      "severity":10.0,
      "severity_category":"severe",
      "tags":[ ],
      "remediation_history":{
        "last_requested_refresh_date":null,
        "last_refresh_status_date":null,
        "last_refresh_status_label":null,
        "last_refresh_reason_code":null
      },
      "asset_overrides":[ ],
      "duration":null,
      "comments":null,
      "remaining_decay":59,
      "remediated":null
    },
    […]
  ]
}

Response Attributes

Field Description 
links
Object 		Navigation for multiple pages of results. See pagination.
  
next
String 		The URL for navigating to the next page of results. 
previous
String 		The URL for navigating to the previous page of results. 
count
Integer 		The number of findings. 
results
Array 		Findings and their details.
  Object A finding.
  
temporary_id
String 		A temporary identifier for this finding. 
pcap_id
String 		The packet capture (PCAP or libpcap) ID. 
affects_rating
Boolean 		true = This finding has an impact on the risk vector letter grade. 
assets
Array 		Asset details.
  Object An asset (IP address or domain).
  
asset
String 		The asset associated with this finding. 
identifier
Null 		This is not applicable to Server Software findings. 
category
String 		The Bitsight-calculated asset importance. 
importance
Decimal 		For internal Bitsight use. 
is_ip
Boolean 		true = The asset is an IP address. 
details
Object 		Details of this finding.
  
cvss
Object 		If the finding has an associated vulnerability, this contains the CVSS score.
  
base
Array 		CVSS scores of vulnerabilities associated with this finding. 
check_pass
String 		For internal Bitsight use. 
diligence_annotations
Object 		Diligence finding details.
  
message
String 		The display name of this finding. 
risks
Array 		A description of the risks involved with this system. 
references
Array 		Source URL for more information. 
source_ip
String 		The IP address of this insecure system. 
path_info
String 		  
geo_ip_location
String 		A 2-letter ISO country code indicating this finding’s country of origin. 
country
String 		This finding’s country of origin. 
grade
String 		The finding grade. 
remediations
Array 		Information about the finding and instructions to remediate it, if any.
  Object The information.
  
message
String 		Details of this finding. 
help_text
String 		An overview of this finding. 
remediation_tip
String 		The recommended remediation instructions. 
sample_timestamp
String [YYYY-MM-DDTHH:MM:SSZ]		 The date and time when this finding was observed. 
sample_count
Integer 		  
sample_values
String 		  
server_name
String 		The name of the server. 
user_agent
String 		  
vulnerabilities
Array 		  
dest_port
Integer 		The destination port. 
rollup_end_date
String [YYYY-MM-DD]		 The date when this finding was last observed. 
rollup_start_date
String [YYYY-MM-DD]		 The date when this finding was first observed. 
searchable_details
String 		Details that can be searched in the Bitsight platform. 
src_port
Integer 		The source port. 
evidence_key
String 		The asset (domain or IP address) that’s attributed to this finding. 
first_seen
String [YYYY-MM-DD]		 The date when this finding was first observed. 
last_seen
String [YYYY-MM-DD]		 The date when this finding was last observed. 
related_findings
Array 		Related findings and their details. 
risk_category
String 		The risk category. 
risk_vector
String 		The risk vector slug name. 
risk_vector_label
String 		The risk vector display name. 
rolledup_observation_id
String 		The rolled up ID for identifying the finding. 
severity
Decimal 		This finding’s Bitsight severity. 
severity_category
String 		This finding’s Bitsight severity. 
tags
Array 		Infrastructure tags identifying the asset. 
remediation_history
Object 		The finding’s remediation and refresh history.
  
last_requested_refresh_date
String [YYYY-MM-DD]		 The date when a finding refresh that included this finding was last requested. 
last_refresh_status_date
String [YYYY-MM-DD]		 The date when this finding’s remediation status was last refreshed. 
last_refresh_status_label
String [YYYY-MM-DD]		 The current refresh status of this finding. 
last_refresh_reason_code
String [YYYY-MM-DD]		 The current remediation status of this finding. 
asset_overrides
Array 		User-assigned asset importance details. 
duration
Null 		For internal Bitsight use. 
comments
Null 		A thread of finding comments. 
remaining_decay
Integer 		The remaining finding lifetime. 
remediated
Boolean 		true = The finding is remediated.

Related articles