https://api.bitsighttech.com/ratings/v1/companies/company_guid/findings?risk_vector=mobile_software
Get an organization’s Mobile Software finding details.
Parameters
For details specific to Mobile Software, use the ?risk_vector=mobile_software
parameter. Other query parameters are listed in GET: Finding Details.
Example Request
curl https://api.bitsighttech.com/ratings/v1/companies/a940bb61-33c4-42c9-9231-c8194c305db3/findings?risk_vector=mobile_software -u api_token:
Example Response
{ "links":{ "next":"https://api.bitsighttech.com/ratings/v1/companies/a940bb61-33c4-42c9-9231-c8194c305db3/findings?limit=100&offset=100&risk_vector=mobile_software", "previous":null }, "count":963, "results":[ […] { "temporary_id":"A9Jq47BBje0112d0711e31da5eab5b1881262625b8", "affects_rating":true, "assets":[ { "asset":"192.199.225.10", "identifier":null, "category":"critical", "importance":1.0, "is_ip":true } ], "details":{ "cvss":{ "base":[ ] }, "check_pass":"", "estimation_of_users":"1", "diligence_annotations":{ "count_ips":1, "operating_system_rule":{ "version":"7.1.1", "eol":"2019-10-04", "launch":"2016-12-05", "is":"match" }, "user_agent_rule":{ "version":"68.0.3440", "eol":"2018-09-11", "launch":"2018-08-07", "is":"match" }, "sample_ips":[ "192.199.225.10" ], "sample_user_agent_strings":[ "Mozilla/5.0 (Linux; Android 7.1.1; A574BL Build/NMF26F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.91 Mobile Safari/537.36" ], "sample_domains":[ "example.com" ] "sample_records": [{ "ip": "63.208.139.45", "timestamp": "timestamp", "user_agent": "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36", "domain": "www.dictionary.com" }] }, "geo_ip_location":"US", "country":"United States", "grade":"BAD", "operating_system_family":"Android", "operating_system_grade":"WARN", "operating_system_support_status":"UNSUPPORTED", "operating_system_version":"7.1.1", "remediations":[ { "message":"Unsupported Operating System and Browser", "help_text":"The operating system and browser are both not supported.", "remediation_tip":"Ensure the latest version of the operating system is installed. After that, install the latest supported version of the desired browser." } ], "sample_timestamp":"2023-09-01T23:59:59Z", "user_agent_family":"Chrome Mobile", "user_agent_grade":"BAD", "user_agent_support_status":"UNSUPPORTED", "user_agent_version":"68.0.3440", "vulnerabilities":[ ], "rollup_end_date":"2023-09-01", "rollup_start_date":"2023-09-01", "searchable_details":"Unsupported Operating System and Browser" }, "evidence_key":"Android 7.1.1 / Chrome Mobile 68.0.3440", "first_seen":"2023-09-01", "last_seen":"2023-09-01", "related_findings":[ ], "risk_category":"Diligence", "risk_vector":"mobile_software", "risk_vector_label":"Mobile Software", "rolledup_observation_id":"80HWkmlsihnWHaQ0i-BGaQ==", "severity":8.0, "severity_category":"material", "tags":[ "Data Center 1" ], "remediation_history":{ "last_requested_refresh_date":null, "last_refresh_status_date":null, "last_refresh_status_label":null, "last_refresh_reason_code":null }, "asset_overrides":[ { "asset":"192.199.225.10", "importance":"high", "override_importance":"high" } ], "duration":null, "comments":null, "remaining_decay":40, "remediated":null } ] }
Response Attributes
Field | Description | |||||
---|---|---|---|---|---|---|
linksObject |
Navigation for multiple pages of results. See pagination. | |||||
nextString |
The URL for navigating to the next page of results. | |||||
previousString |
The URL for navigating to the previous page of results. | |||||
countInteger |
The number of findings. | |||||
resultsArray |
Findings and their details. | |||||
Object | A finding. | |||||
temporary_idString |
A temporary identifier for this finding. | |||||
affects_ratingBoolean |
true = This finding impacts the risk vector letter grade. |
|||||
assetsArray |
Asset (IP address or domain) details. | |||||
Object | An asset. | |||||
assetString |
The asset associated with this finding. | |||||
identifierNull |
This is not applicable to Mobile Software findings. | |||||
categoryString |
The Bitsight-calculated asset importance. | |||||
importanceDecimal |
The Bitsight-calculated asset importance. | |||||
is_ipBoolean |
true = This asset is an IP address. |
|||||
detailsObject |
Details of this finding. | |||||
cvssObject |
If the finding has an associated vulnerability, this contains the CVSS score. | |||||
baseArray |
CVSS scores of vulnerabilities associated with this finding. | |||||
check_passString |
For internal Bitsight use. | |||||
estimation_of_usersString |
The estimated number of affected users. | |||||
diligence_annotationsObject |
Diligence finding details. | |||||
count_ipsInteger |
The number of IP addresses that are attributed to this finding. | |||||
operating_system_ruleObject |
Details of the logic for determining the supported status of the operating system (OS). | |||||
versionString |
The operating system version. | |||||
eolString [ YYYY-MM-DD ] |
The OS version’s end-of-life date. | |||||
launchString [ YYYY-MM-DD ] |
The OS version’s launch date. | |||||
isString |
||||||
user_agent_ruleObject |
Details of the logic for determining the supported status of the browser. | |||||
versionString |
The browser version. | |||||
eolString [ YYYY-MM-DD ] |
The browser version’s end-of-life date. | |||||
launchString [ YYYY-MM-DD ] |
The browser version’s launch date. | |||||
isString |
||||||
sample_ipsArray |
A sample of attributed IP addresses. | |||||
sample_user_agent_stringsArray |
A sample of browsers. | |||||
sample_domainsArray |
A sample of domains. | |||||
sample_recordsArray |
Sample records. | |||||
ipString |
The source IP address of the connection when the evaluated desktop made an outbound request. This is typically an IP address associated with a firewall. The source IP and user-agent string are used to determine the OS and browser version. | |||||
timestampString |
Date and time (in UTC) the traffic was observed. | |||||
user_agentString |
The user-agent string as sent by the browser. | |||||
domainString |
The target host that the browser connected with (if available). If we were able to collect target host information, it is useful for searching the firewall logs to determine which internal host made the connection. Search for the egress IP in the source IP field, the target host, and representative timestamp. | |||||
geo_ip_locationString |
A 2-letter ISO country code indicating this finding’s country of origin. | |||||
countryString |
This finding’s country of origin. | |||||
gradeString |
The finding grade. | |||||
operating_system_familyString |
The operating system type. | |||||
operating_system_gradeString |
An assessment of this operating system. See graded mobile operating systems. | |||||
operating_system_support_statusString |
The support status of this operating system. | |||||
operating_system_versionString |
The current OS version. | |||||
remediationsArray |
Information about the finding and instructions to remediate it, if any. | |||||
Object | The information. | |||||
messageString |
Details of this finding. | |||||
help_textString |
A description of this finding. | |||||
remediation_tipString |
The recommended remediation instructions. | |||||
sample_timestampString [ YYYY-MM-DDTHH:MM:SSZ ] |
The date and time when this finding was observed. | |||||
user_agent_familyString |
The browser type. | |||||
user_agent_gradeString |
An assessment of this browser. See graded mobile browsers. | |||||
user_agent_support_statusString |
This browser’s support status. | |||||
user_agent_versionString |
The current browser version. | |||||
vulnerabilitiesArray |
Not applicable to Mobile Software findings. | |||||
rollup_end_dateString [ YYYY-MM-DD ] |
The date when this finding was last observed. | |||||
rollup_start_dateString [ YYYY-MM-DD ] |
The date when this finding was first observed. | |||||
searchable_detailsString |
Details that can be searched in the Bitsight platform. | |||||
evidence_keyString |
The asset attributed to the finding. | |||||
first_seenString [ YYYY-MM-DD ] |
The date when an observation was first seen. | |||||
last_seenString [ YYYY-MM-DD ] |
The date when an observation was last seen. | |||||
related_findingsArray |
Related findings and their details. | |||||
risk_categoryString |
The risk category of this finding. | |||||
risk_vectorString |
The risk vector slug name. | |||||
risk_vector_labelString |
The risk vector display name. | |||||
rolledup_observation_idString |
A stable and randomized identifier for findings. It is assigned to a finding when one or more observations with largely similar key properties occur in close succession. | |||||
severityDecimal |
The finding severity, which is the measured risk that this finding introduces. | |||||
severity_categoryString |
The finding severity slug name. | |||||
tagsArray |
Infrastructure tags that identify this asset. | |||||
remediation_historyObject |
The finding’s remediation and refresh history. | |||||
last_requested_refresh_dateString [ YYYY-MM-DD ] |
The date when a finding refresh that included this finding was last requested. | |||||
last_refresh_status_dateString [ YYYY-MM-DD ] |
The date when this finding’s remediation status was last refreshed. | |||||
last_refresh_status_labelString [ YYYY-MM-DD ] |
The current refresh status of this finding. | |||||
last_refresh_reason_codeString [ YYYY-MM-DD ] |
The current remediation status of this finding. | |||||
asset_overridesArray |
User-assigned asset importance details. | |||||
Object | User-assigned asset importance details. | |||||
assetString |
The domain or IP address. | |||||
importanceString |
The user-assigned asset importance. | |||||
override_importanceString |
For internal Bitsight use. | |||||
durationInteger |
For internal Bitsight use. | |||||
commentsString |
A thread of finding comments. | |||||
remaining_decayInteger |
The remaining finding lifetime. | |||||
remediatedBoolean |
true = The finding is remediated. |
-
October 16, 2024:
sample_records
:domain
is "target host" and updated description;sample_records
:ip
is "source IP" and updated description. -
March 11, 2024: Added
sample_records
,ip
,timestamp
,user_agent
, anddomain
response attributes. - September 26, 2023: Published.
Feedback
0 comments
Please sign in to leave a comment.