https://api.bitsighttech.com/ratings/v1/companies/company_guid/findings?risk_vector=server_software
Get an organization’s Server Software finding details.
Parameters
For details specific to Server Software, use the ?risk_vector=server_software parameter. Other query parameters are listed in GET: Finding Details.
Example Request
curl https://api.bitsighttech.com/ratings/v1/companies/a940bb61-33c4-42c9-9231-c8194c305db3/findings?risk_vector=server_software -u api_token:
Example Response
{
"links":{
"next":null,
"previous":null
},
"count":13,
"results":[
[…]
{
"temporary_id":"A9Jq47BBje3ff2913a5e18d1cb127402aa1209f3ea",
"pcap_id":"UENBUHBjYXBQQ0FQcGNhcPmm1cVnxXe1XdjWaSuFKFRoNhN2q0aYtxOmuvofUnsU01_2PhvV9dhk5Y0LBZ9I7paQ30uU5Ni99PtHWfMOs4A=",
"affects_rating":true,
"assets":[
{
"asset":"63.208.139.45",
"identifier":null,
"category":"low",
"importance":0.0,
"is_ip":true
}
],
"details":{
"cvss":{
"base":[ ]
},
"check_pass":"",
"diligence_annotations":{
"message":"Remote management: Symantec EPM",
"risks":[
"Hijack - Domain owners can interact with endpoints potentially interfering with patch or endpoint management."
],
"references":[
"https://support.symantec.com/en_US/article.HOWTO80785.html",
"https://www.symantec.com/products/threat-protection/endpoint-management"
],
"source_ip":"63.208.139.45",
"path_info":"/secars/secars.dll"
},
"geo_ip_location":"US",
"country":"United States",
"grade":"BAD",
"remediations":[
{
"message":"Remote management: Symantec EPM",
"help_text":"Corporate endpoints are contacting abandoned domains from Symantec Endpoint Protection Manager.",
"remediation_tip":"Track down the endpoint system by using the available details, and then reinstall or remove the related insecure application."
}
],
"sample_timestamp":"2023-09-24T18:59:16Z",
"sample_count":1,
"sample_values":"[UA: Sylink]",
"server_name":"SAPPSEPP01V",
"user_agent":"Sylink",
"vulnerabilities":[ ],
"dest_port":8014,
"rollup_end_date":"2023-09-24",
"rollup_start_date":"2023-09-24",
"searchable_details":"Remote management: Symantec EPM",
"src_port":49690
},
"evidence_key":"63.208.139.45",
"first_seen":"2023-09-24",
"last_seen":"2023-09-24",
"related_findings":[ ],
"risk_category":"Diligence",
"risk_vector":"insecure_systems",
"risk_vector_label":"Insecure Systems",
"rolledup_observation_id":"RSf_fGg2KrXH894SLes14g==",
"severity":10.0,
"severity_category":"severe",
"tags":[ ],
"remediation_history":{
"last_requested_refresh_date":"2024-06-19",
"last_refresh_status_date":"2024-06-23",
"last_refresh_status_label":"failed",
"last_refresh_status_reason": "asset_not_found",
"last_refresh_reason_code":"asset unreachable",
"last_refresh_requester": "1e10564d-fawa-4331-0000-6f7588b55a98",
"result_finding_date": null
},
"asset_overrides":[ ],
"duration":null,
"comments":null,
"remaining_decay":59,
"remediated":null
},
[…]
]
}
Response Attributes
| Field | Description | |||||
|---|---|---|---|---|---|---|
linksObject |
Navigation for multiple pages of results. See pagination. | |||||
nextString |
The URL for navigating to the next page of results. | |||||
previousString |
The URL for navigating to the previous page of results. | |||||
countInteger |
The number of findings. | |||||
resultsArray |
Findings and their details. | |||||
| Object | A finding. | |||||
temporary_idString |
A temporary identifier for this finding. | |||||
pcap_idString |
The packet capture (PCAP or libpcap) ID. | |||||
affects_ratingBoolean |
true = This finding has an impact on the risk vector letter grade. |
|||||
assetsArray |
Asset details. | |||||
| Object | An asset (IP address or domain). | |||||
assetString |
The asset associated with this finding. | |||||
identifierNull |
This is not applicable to Server Software findings. | |||||
categoryString |
The Bitsight-calculated asset importance. | |||||
importanceDecimal |
For internal Bitsight use. | |||||
is_ipBoolean |
true = The asset is an IP address. |
|||||
detailsObject |
Details of this finding. | |||||
cvssObject |
If the finding has an associated vulnerability, this contains the CVSS score. | |||||
baseArray |
CVSS scores of vulnerabilities associated with this finding. | |||||
check_passString |
For internal Bitsight use. | |||||
diligence_annotationsObject |
Diligence finding details. | |||||
messageString |
The display name of this finding. | |||||
risksArray |
A description of the risks involved with this system. | |||||
referencesArray |
Source URL for more information. | |||||
source_ipString |
The IP address of this insecure system. | |||||
path_infoString |
||||||
geo_ip_locationString |
A 2-letter ISO country code indicating this finding’s country of origin. | |||||
country String |
This finding’s country of origin. | |||||
grade String |
The finding grade. | |||||
remediations Array |
Information about the finding and instructions to remediate it, if any. | |||||
| Object | The information. | |||||
message String |
Details of this finding. | |||||
help_text String |
An overview of this finding. | |||||
remediation_tip String |
The recommended remediation instructions. | |||||
sample_timestamp String [ |
The date and time when this finding was observed. | |||||
sample_countInteger |
||||||
sample_values String |
||||||
server_name String |
The domain name of the affected server. It is known to be a command and control server, sinkhole, or is hosting adware. | |||||
user_agent String |
The user-agent string in the header, which identifies end-user interactions with web content. The details include the application, operating system, browser, and software version. |
|||||
vulnerabilities Array |
||||||
dest_portInteger |
The destination port. | |||||
rollup_end_dateString [ YYYY-MM-DD] |
The date when this finding was last observed. | |||||
rollup_start_dateString [ YYYY-MM-DD] |
The date when this finding was first observed. | |||||
searchable_detailsString |
Details that can be searched in the Bitsight platform. | |||||
src_portInteger |
The port where traffic from a compromised device was observed. | |||||
evidence_key String |
The asset (domain or IP address) that’s attributed to this finding. | |||||
first_seen String [ |
The date when this finding was first observed. | |||||
last_seen String [ |
The date when this finding was last observed. | |||||
related_findings Array |
Related findings and their details. | |||||
risk_categoryString |
The risk category. | |||||
risk_vectorString |
The risk vector slug name. | |||||
risk_vector_labelString |
The risk vector display name. | |||||
rolledup_observation_idString |
A stable and randomized identifier for findings. It is assigned to a finding when one or more observations with largely similar key properties occur in close succession. | |||||
severityDecimal |
This finding’s Bitsight severity. | |||||
severity_categoryString |
This finding’s Bitsight severity. | |||||
tags Array |
Infrastructure tags identifying the asset. | |||||
remediation_history Object |
If ?expand=remediation_history parameter is set, the remediation history of the finding is included. |
|||||
last_requested_refresh_date String [ |
The date when a finding rescan that included this finding was last requested. | |||||
last_refresh_status_date String [ |
The date when a rescan of the remediation status of this finding was last requested. | |||||
last_refresh_status_label String |
The current rescan status of this finding. | |||||
last_refresh_status_reason String |
The rescan status. | |||||
last_refresh_reason_code String |
The reason code for the resacn status. | |||||
last_refresh_requester String [user_guid] |
The unique identifier of the user who requested the rescan. | |||||
result_finding_date String [YYYY-MM-DD] |
The first seen date of the finding that resulted from the rescan, if applicable. | |||||
asset_overridesArray |
User-assigned asset importance details. | |||||
durationNull |
For internal Bitsight use. | |||||
commentsNull |
A thread of finding comments. | |||||
remaining_decayInteger |
The remaining finding lifetime. | |||||
remediatedBoolean |
true = The finding is remediated. |
|||||
-
February 28, 2025: Added
last_refresh_status_reason,last_refresh_reason_code,last_refresh_requester, andresult_finding_dateresponse attributes. - September 26, 2023: Published.
Feedback
0 comments
Please sign in to leave a comment.