https://api.bitsighttech.com/ratings/v1/companies/company_guid/findings?risk_vector=mobile_software
Get an organization’s Mobile Software finding details.
Parameters
For details specific to Mobile Software, use the ?risk_vector=mobile_software
parameter. Other query parameters are listed in GET: Finding Details.
Example Request
curl https://api.bitsighttech.com/ratings/v1/companies/a940bb61-33c4-42c9-9231-c8194c305db3/findings?risk_vector=mobile_software -u api_token:
Example Response
{ "links":{ "next":"https://api.bitsighttech.com/ratings/v1/companies/a940bb61-33c4-42c9-9231-c8194c305db3/findings?limit=100&offset=100&risk_vector=mobile_software", "previous":null }, "count":963, "results":[ […] { "temporary_id":"A9Jq47BBje0112d0711e31da5eab5b1881262625b8", "affects_rating":true, "assets":[ { "asset":"192.199.225.10", "identifier":null, "category":"critical", "importance":1.0, "is_ip":true } ], "details":{ "cvss":{ "base":[ ] }, "check_pass":"", "estimation_of_users":"1", "diligence_annotations":{ "count_ips":1, "operating_system_rule":{ "version":"7.1.1", "eol":"2019-10-04", "launch":"2016-12-05", "is":"match" }, "user_agent_rule":{ "version":"68.0.3440", "eol":"2018-09-11", "launch":"2018-08-07", "is":"match" }, "sample_ips":[ "192.199.225.10" ], "sample_user_agent_strings":[ "Mozilla/5.0 (Linux; Android 7.1.1; A574BL Build/NMF26F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.91 Mobile Safari/537.36" ], "sample_domains":[ "example.com" ] "sample_records": [{ "ip": "63.208.139.45", "timestamp": "timestamp", "user_agent": "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36", "domain": "www.dictionary.com" }] }, "geo_ip_location":"US", "country":"United States", "grade":"BAD", "operating_system_family":"Android", "operating_system_grade":"WARN", "operating_system_support_status":"UNSUPPORTED", "operating_system_version":"7.1.1", "remediations":[ { "message":"Unsupported Operating System and Browser", "help_text":"The operating system and browser are both not supported.", "remediation_tip":"Ensure the latest version of the operating system is installed. After that, install the latest supported version of the desired browser." } ], "sample_timestamp":"2023-09-01T23:59:59Z", "user_agent_family":"Chrome Mobile", "user_agent_grade":"BAD", "user_agent_support_status":"UNSUPPORTED", "user_agent_version":"68.0.3440", "vulnerabilities":[ ], "rollup_end_date":"2023-09-01", "rollup_start_date":"2023-09-01", "searchable_details":"Unsupported Operating System and Browser" }, "evidence_key":"Android 7.1.1 / Chrome Mobile 68.0.3440", "first_seen":"2023-09-01", "last_seen":"2023-09-01", "related_findings":[ ], "risk_category":"Diligence", "risk_vector":"mobile_software", "risk_vector_label":"Mobile Software", "rolledup_observation_id":"80HWkmlsihnWHaQ0i-BGaQ==", "severity":8.0, "severity_category":"material", "tags":[ "Data Center 1" ], "remediation_history":{ "last_requested_refresh_date":"2024-06-19", "last_refresh_status_date":"2024-06-23", "last_refresh_status_label":"failed", "last_refresh_status_reason": "asset_not_found", "last_refresh_reason_code":"asset unreachable", "last_refresh_requester": "1e10564d-fawa-4331-0000-6f7588b55a98", "result_finding_date": null }, "asset_overrides":[ { "asset":"192.199.225.10", "importance":"high", "override_importance":"high" } ], "duration":null, "comments":null, "remaining_decay":40, "remediated":null } ] }
Response Attributes
Field | Description | |||||
---|---|---|---|---|---|---|
links Object |
Navigation for multiple pages of results. See pagination. | |||||
next String |
The URL for navigating to the next page of results. | |||||
previous String |
The URL for navigating to the previous page of results. | |||||
count Integer |
The number of findings. | |||||
results Array |
Findings and their details. | |||||
Object | A finding. | |||||
temporary_id String |
A temporary identifier for this finding. | |||||
affects_rating Boolean |
true = This finding impacts the risk vector letter grade. |
|||||
assets Array |
Asset (IP address or domain) details. | |||||
Object | An asset. | |||||
asset String |
The asset associated with this finding. | |||||
identifier Null |
This is not applicable to Mobile Software findings. | |||||
category String |
The Bitsight-calculated asset importance. | |||||
importance Decimal |
The Bitsight-calculated asset importance. | |||||
is_ip Boolean |
true = This asset is an IP address. |
|||||
details Object |
Details of this finding. | |||||
cvss Object |
If the finding has an associated vulnerability, this contains the CVSS score. | |||||
base Array |
CVSS scores of vulnerabilities associated with this finding. | |||||
check_pass String |
For internal Bitsight use. | |||||
estimation_of_users String |
The estimated number of affected users. | |||||
diligence_annotations Object |
Diligence finding details. | |||||
count_ips Integer |
The number of IP addresses that are attributed to this finding. | |||||
operating_system_rule Object |
Details of the logic for determining the supported status of the operating system (OS). | |||||
version String |
The operating system version. | |||||
eol String [ |
The OS version’s end-of-life date. | |||||
launch String [ |
The OS version’s launch date. | |||||
is String |
||||||
user_agent_rule Object |
Details of the logic for determining the supported status of the browser. | |||||
version String |
The browser version. | |||||
eol String [ |
The browser version’s end-of-life date. | |||||
launch String [ |
The browser version’s launch date. | |||||
is String |
||||||
sample_ips Array |
A sample of attributed IP addresses. | |||||
sample_user_agent_strings Array |
A sample of browsers. | |||||
sample_domains Array |
A sample of domains. | |||||
sample_records Array |
Sample records. | |||||
ip String |
The source IP address of the connection when the evaluated desktop made an outbound request. This is typically an IP address associated with a firewall. The source IP and user-agent string are used to determine the OS and browser version. | |||||
timestamp String |
Date and time (in UTC) the traffic was observed. | |||||
user_agent String |
The user-agent string in the header, which identifies end-user interactions with web content. The details include the application, operating system, browser, and software version. |
|||||
domain String |
The target host that the browser connected with (if available). If we were able to collect target host information, it is useful for searching the firewall logs to determine which internal host made the connection. Search for the egress IP in the source IP field, the target host, and representative timestamp. | |||||
geo_ip_location String |
A 2-letter ISO country code indicating this finding’s country of origin. | |||||
country String |
This finding’s country of origin. | |||||
grade String |
The finding grade. | |||||
operating_system_family String |
The operating system type. | |||||
operating_system_grade String |
An assessment of this operating system. See graded mobile operating systems. | |||||
operating_system_support_status String |
The support status of this operating system. | |||||
operating_system_version String |
The current OS version. | |||||
remediations Array |
Information about the finding and instructions to remediate it, if any. | |||||
Object |
The information. | |||||
message String |
Details of this finding. | |||||
help_text String |
A description of this finding. | |||||
remediation_tip String |
The recommended remediation instructions. | |||||
sample_timestamp String [ |
The date and time when this finding was observed. | |||||
user_agent_family String |
The browser type. | |||||
user_agent_grade String |
An assessment of this browser. See graded mobile browsers. | |||||
user_agent_support_status String |
This browser’s support status. | |||||
user_agent_version String |
The current browser version. | |||||
vulnerabilities Array |
Not applicable to Mobile Software findings. | |||||
rollup_end_date String [ |
The date when this finding was last observed. | |||||
rollup_start_date String [ |
The date when this finding was first observed. | |||||
searchable_details String |
Details that can be searched in the Bitsight platform. | |||||
evidence_key String |
The asset attributed to the finding. | |||||
first_seen String [ |
The date when an observation was first seen. | |||||
last_seen String [ |
The date when an observation was last seen. | |||||
related_findings Array |
Related findings and their details. | |||||
risk_category String |
The risk category of this finding. | |||||
risk_vector String |
The risk vector slug name. | |||||
risk_vector_label String |
The risk vector display name. | |||||
rolledup_observation_id String |
A stable and randomized identifier for findings. It is assigned to a finding when one or more observations with largely similar key properties occur in close succession. | |||||
severity Decimal |
The finding severity, which is the measured risk that this finding introduces. | |||||
severity_category String |
The finding severity slug name. | |||||
tags Array |
Infrastructure tags that identify this asset. | |||||
remediation_history Object |
If ?expand=remediation_history parameter is set, the remediation history of the finding is included. |
|||||
last_requested_refresh_date String [ |
The date when a finding rescan that included this finding was last requested. | |||||
last_refresh_status_date String [ |
The date when a rescan of the remediation status of this finding was last requested. | |||||
last_refresh_status_label String |
The current rescan status of this finding. | |||||
last_refresh_status_reason String |
The rescan status. | |||||
last_refresh_reason_code String |
The reason code for the rescan status. | |||||
last_refresh_requester String [ |
The unique identifier of the user who requested the rescan. | |||||
result_finding_date String [ |
The first seen date of the finding that resulted from the rescan, if applicable. | |||||
asset_overrides Array |
User-assigned asset importance details. | |||||
Object | User-assigned asset importance details. | |||||
asset String |
The domain or IP address. | |||||
importance String |
The user-assigned asset importance. | |||||
override_importance String |
For internal Bitsight use. | |||||
duration Integer |
For internal Bitsight use. | |||||
comments String |
A thread of finding comments. | |||||
remaining_decay Integer |
The remaining finding lifetime. | |||||
remediated Boolean |
true = The finding is remediated. |
-
February 28, 2025: Added
last_refresh_status_reason
,last_refresh_reason_code
,last_refresh_requester
, andresult_finding_date
response attributes. -
October 16, 2024:
sample_records
:domain
is "target host" and updated description;sample_records
:ip
is "source IP" and updated description. -
March 11, 2024: Added
sample_records
,ip
,timestamp
,user_agent
, anddomain
response attributes.
Feedback
0 comments
Please sign in to leave a comment.