API Change Log

This is a log of changes to the Bitsight API, such as new and deprecated endpoints (paths). See the integration guides that use the Bitsight API.

For sustainability purposes, entries older than 2 years are removed from this log.

07-APR-2025

GET: Finding Comments – View finding comments, which can be used to track remediation changes.

03-APR-2025

Dynamic Vulnerability Exploit (DVE) in:

• GET: Cataloged Threats
• GET: Portfolio Threats [v2]
• GET: Threat Impact [v1]

07-JAN-2025

GET: Finding Details [/v1/companies/entity_guid/findings] – last_refresh_status_reason, last_refresh_reason_code, last_refresh_requester, and result_finding_date response attributes.

07-JAN-2025

GET: Monitored Assets Summaries [/v1/portfolio/monitored-assets/summaries] – threats parameters.

31-OCT-2024

Alerts API Endpoint – added company_custom_id to the expand query parameter. When used, this field returns a customer-provided custom ID for the organization.

18-OCT-2024

Threats API Endpoint:

• Version 2.
• EPSS information is available in GET: Cataloged Threats [/v1/threats/catalog].

01-OCT-2024

GET: Monitored Assets Summaries [/v1/portfolio/monitored-assets/summaries] – Get a summary of the critical assets you monitor.

03-SEP-2024

POST: Create a Collaboration Registration Form [/v1/client-access-links] – scope parameter and response attribute to specify the context in which a client access link is created. This endpoint is now available to both CM and Insurance users.

20-AUG-2024

GET: Underwriting Guidelines [/v1/underwriting-guidelines] and GET: Default Underwriting Guidelines [/v1/underwriting-guidelines/defaults] – infections response attribute.

20-AUG-2024

POST: Create an Underwriting Guideline [/v1/underwriting-guidelines] and PATCH: Edit an Underwriting Guideline [/v1/underwriting-guidelines] – infections parameter.

20-AUG-2024

GET: Compare Client to the Underwriting Guidelines [/v1/companies/client_guid/underwriting-guidelines] – infections_count and infections_detected response attributes.

15-JUL-2024

GET: Findings Summaries [/v1/companies/company_guid/findings/statistics] and GET: Findings Statistics [/v1/companies/company_guid/findings/statistics]

10-JUL-2024

Bitsight VRM API – Compatible with company API tokens.

24-MAY-2024

POST: Download Report [/v1/reports] – report_template parameter to specify the report.

16-MAY-2024

GET: Compare Client to the Underwriting Guidelines [/v1/companies/client_guid/underwriting-guidelines] – threat_groups_detected & threats_detected added to the response.

15-MAY-2024

GET: Web Application Security Finding Details – Annotations grouped into evidences object.

09-APR-2024

threats & threat_groups for Underwriting Guidelines:

• GET: Underwriting Guidelines
• GET: Default Underwriting Guidelines
• POST: Create an Underwriting Guideline
• PATCH: Edit an Underwriting Guideline
• GET: Compare Client to the Underwriting Guidelines

08-APR-2024

GET: Finding Details - When no order is specified in a findings API call (/companies/company_guid/findings), the results are supposed to return in descending order based on the last_seen field. A bug that caused some results to appear out of order was recently resolved. As a result, there may be some minor changes to the order of results.

29-MAR-2024

GET: DMARC Finding Details [/v1/companies/company_guid/findings?risk_vector=dmarc

01-MAR-2024

Threats API Endpoint

12-FEB-2024

Client Access Links API Endpoint

30-JAN-2024

POST: Bulk Edit Collaboration Status [/v1/access-requests/bulk] – Edit the collaboration status of collaboration requests through the Client/Vendor Access Program in bulk.

29-JAN-2024

GET: Assets – New parameters.

• tags_contains
• tags_isnull
• ?expand=delegated_security_controls

06-DEC-2023

GET: Peer Comparison Group Configuration Details [/v1/peer-analytics/peer-groups] – Benchmark group.

30-NOV-2023

GET: Assets [/v1/companies/company_guid/assets] – expand parameter to get tag details.

07-NOV-2023

GET: Assets [/v1/companies/company_guid/assets] – temporary_id field for assets.

13-OCT-2023

GET: Finding Details – affects_rating_details parameter.

05-OCT-2023

Current Ratings API Endpoint – Current ratings of an entity or all portfolio entities.

02-OCT-2023

PATCH: Update the Status or Assignee of a Finding [/v1/remediations/]

25-SEP-2023

GET: Ratings Tree [/v1/companies/company_guid/company-tree]

• is_shell parameter
• is_bundled, has_control, is_shell, is_csp fields

16-AUG-2023

GET: Company Requests Summary – Get a summary of your organization’s company requests.

03-AUG-2023

GET: Assets

• New parameters:
  • threat.guid
  • threat.severity_level
  • threat.evidence_certainty
  • threat.exposure_detection
• New rolled_up_observation_ids field.

07-JUN-2023

GET: Assets – New parameters:

• findings.total_count
• findings.total_count_lt
• findings.total_count_gt
• findings.total_count_lte
• findings.total_count_gte

17-MAY-2023

GET: My Infrastructure Report [/v1/companies/company_guid/infrastructure]

01-MAY-2023

GET: Compare Client to the Underwriting Guidelines [/v1/companies/client_guid/underwriting-guidelines] – Compare a client’s risk vectors and their grades to your underwriting guidelines.

28-APR-2023

Underwriting Guidelines API Endpoint

25-APR-2023

GET: 4th Party Public Disclosure Affected Companies – Get companies that were indirectly affected by a 4th party Public Disclosure.

11-APR-2023

GET: User Quota – Get your account’s user quota.