GET: Portfolio Threats [v2]

Ingrid

https://api.bitsighttech.com/ratings/v2/threats/

See threats (such as vulnerabilities) detected in your portfolio.

Parameters

See query parameters for details on the following parameters:

- fields
- format (Default: json)
- limit (Default: 10)
- offset (Default: 0)
- q
- sort (Default: exposure_trend)

Parameter / Values

category_slug [Query]: Filter by category of threats.
    [String]
    - vulnerability
    - vulnerability_group

company_guid [Query]: Filter by company.
    [String] Company unique identifier [entity_guid]. See GET: Portfolio Details.
    The impacts_selection parameter must be set to true to use this parameter.

CVSS Score
    [Decimal] CVSS score.
    - severity_gte [Query]: Filter by a vulnerability’s severity (≥).
    - severity_lte [Query]: Filter by a vulnerability’s severity (≤).

Dynamic Vulnerability Exploit (DVE) score
    [Integer] 0-10
    - dve_score [Query]: Filter by DVE score.
    - dve_score_lte [Query]: Filter by DVE score and lower.
    - dve_score_gte [Query]: Filter by DVE score and higher.

expand [Query]: Include the number of questionnaires sent to each threat.
    [String] questionnaires_sent

exposure_trend [Query]: Filter by exposure trend.
    [String]
    - Increasing
    - Flat
    - Decreasing

folder [Query]: Filter by folder.
    [String] Folder unique identifier [folder_guid]. See GET: Folder Details.

impacts_group [Query]: Filter by impact.
    [Boolean]
    - true = Include threats that are affecting portfolio companies.
    - false = Include threats that are not affecting portfolio companies.
    - none = Include all threats.

Seen Date
    [String] YYYY-MM-DD
    - first_seen_date_gte [Query]: Filter threats first seen on and after a specific date.
    - first_seen_date_lte [Query]: Filter threats first seen on and before a specific date.
    - last_seen_date_gte [Query]: Filter threats last seen on and after a specific date.
    - last_seen_date_lte [Query]: Filter threats last seen on and before a specific date.

scope [Query]: Limit threats returned.
    [String]
    - spm = Include threats that affect companies in your SPM portfolio (My Company and SPM Subsidiaries).
    - tprm = Include threats that affect companies in your Continuous Monitoring portfolio.
    - null = Include threats that affect all portfolio companies.

severity_level [Query]: Filter by vulnerability severity.
    [String] Bitsight severity slug name.

threat_guid [Query]: Filter by threat.
    [String] Threat unique identifier [threat_guid]. See response.

tier [Query]: Filter by tier.
    [String] Tier unique identifier [tier_guid]. See GET: Tiers.

Example Request

    curl https://api.bitsighttech.com/ratings/v2/threats/ -u api_token:

Example Response

    {
      "links": {
        "previous": null,
        "next": "https://api.bitsighttech.com/ratings/v2/threats/?limit=30&offset=30"
      },
      "count": 8745,
      "results": [
        {
          "guid": "db72416d-454a-4551-a03e-74c749048d46",
          "name": "CVE-2024-20353",
          "first_seen_date": "2023-09-14",
          "last_seen_date": "2024-05-17",
          "severity": {
            "level": "Material",
            "details": "CVSS 8.6"
          },
          "category": {
            "name": "vulnerability",
            "slug": "vulnerability"
          },
          "support_started_date": "2024-04-30",
          "exposed_count": 2325,
          "mitigated_count": 0,
          "exposure_trend": 2325,
          "questionnaires_sent": null,
          "epss": {
            "score": 0.2,
            "percentile": 56.0
          },
          "dve": {
            "score": 0.0,
            "highest_score": 7.57,
            "highest_score_date": "2020-01-26T00:00:00",
            "cti_attributes": [
              {
                "name": "Anonymous",
                "slug": "is_scanned_by_anonymous_attribute"
              }
            ]
          },
          "evidence_certainty": "POSSIBLE"
        },
        […]
      ]
    }

Response Attributes

Field / Description

links (Object): Navigation for multiple pages of results. See pagination.
    previous (String): The URL for navigating to the previous page of results.
    next (String): The URL for navigating to the next page of results.
count (Integer): The number of threats.
results (Array): Threats and their details.
    (Object): A threat.
        guid (String) [threat_guid]: The threat unique identifier.
        name (String): The threat name, such as the CVE ID or vulnerability name.
        first_seen_date (String) [YYYY-MM-DD]: The date when this threat was first seen.
        last_seen_date (String) [YYYY-MM-DD]: The date when threat data was last available, which indicates either exposure or mitigation.
        severity (Object): The vulnerability severity.
            level (String): The Bitsight severity level.
            details (String): The CVSS score.
        category (Object): The threat category.
            name (String): The category name.
            slug (String): The category slug name.
        support_started_date (String) [YYYY-MM-DD]: The date when this threat was first supported in the Bitsight platform.
        exposed_count (Integer): The number of companies that have been observed to have evidence of exposure (exposure).
        mitigated_count (Integer): The number of companies that have evidence of active mitigation (mitigation).
        exposure_trend (Integer): The number of exposure changes in the last 14 days.
        questionnaires_sent (Integer): If the expand parameter is set (?expand=questionnaires_sent), the count of questionnaires that have been sent is included.
        epss (Object): The Exploit Prediction Scoring System (EPSS), which estimates the likelihood that software will be exploited. The higher the percentage, the more likely it is to be exploited.
            score (Decimal): The EPSS score.
            percentile (Decimal): The percentile of the EPSS score compared to all other EPSS scores.
        dve (Object): The Dynamic Vulnerability Exploit (DVE), which models exploitation activity based on threat intelligence.
            score (Decimal): The 0-10 DVE score, with 10 indicating a higher likelihood of exploitation.
            highest_score (Decimal): The highest recorded DVE score.
            highest_score_date (String) [YYYY-MM-DDTHH:MM:SS]: The date and time when the highest DVE score was recorded.
            cti_attributes (Array): Cyber Threat Intel (CTI) attributes.
                (Object): An attribute and its details.
                    name (String): The attribute name.
                    slug (String): The attribute slug name.
        evidence_certainty (String): The evidence certainty, which measures the certainty of the detection status.

Response Codes

200 – Success: Everything worked as expected.
422 – Validation Error: There was a validation error.

April 7, 2025: DVE parameters and response fields.
October 17, 2024: Published.
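
Added example (not part of the Bitsight documentation): a small Python client sketch for this endpoint that checks filters against the values listed under Parameters, follows links.next for pagination while refusing to send the API token to any URL outside the threats endpoint, and ranks exposed threats by dve.score. The function names, the PLAIN subset of parameters, and the fetch_page callable (assumed to perform the authenticated GET and return the decoded JSON) are assumptions of this example; the two sample pages are constructed.

```python
import re
from urllib.parse import urlencode
BASE_URL = "https://api.bitsighttech.com/ratings/v2/threats/"
# Allowed values copied from the parameter list on this page; PLAIN is a subset.
ENUMS = {"category_slug": {"vulnerability", "vulnerability_group"},
         "exposure_trend": {"Increasing", "Flat", "Decreasing"},
         "scope": {"spm", "tprm"}}
DVE = {"dve_score", "dve_score_gte", "dve_score_lte"}
DATES = {f"{a}_seen_date_{b}" for a in ("first", "last") for b in ("gte", "lte")}
PLAIN = {"limit", "offset", "severity_gte", "severity_lte", "expand", "tier"}

def build_threats_url(**filters):
    """Check filters against the documented values, then build the URL."""
    for name, value in filters.items():
        if name in ENUMS:
            ok = value in ENUMS[name]
        elif name in DVE:
            ok = type(value) is int and 0 <= value <= 10
        elif name in DATES:
            ok = bool(re.fullmatch(r"\d{4}-\d{2}-\d{2}", str(value)))
        else:
            ok = name in PLAIN
        if not ok:
            raise ValueError(f"bad filter {name}={value!r}")
    return BASE_URL + "?" + urlencode(sorted(filters.items()))

def iter_threats(fetch_page, url):
    """Yield every threat, following links.next until it is null."""
    while url:
        # The API token goes out with each request: stay on this endpoint.
        if not url.startswith(BASE_URL):
            raise ValueError(f"refusing off-endpoint page URL: {url}")
        page = fetch_page(url)
        yield from page["results"]
        url = page["links"]["next"]

def rank_exposed(threats):
    """Keep threats with exposure evidence, highest DVE score first."""
    live = [t for t in threats if t["exposed_count"] > 0]
    return sorted(live, key=lambda t: t["dve"]["score"], reverse=True)

# Constructed two-page sample (not real Bitsight data) so this runs offline.
START = build_threats_url(dve_score_gte=0, exposure_trend="Increasing", limit=2)
PAGE2 = BASE_URL + "?limit=2&offset=2"
SAMPLE_PAGES = {
    START: {"links": {"next": PAGE2}, "results": [
        {"name": "EXAMPLE-A", "exposed_count": 40, "dve": {"score": 2.1}},
        {"name": "EXAMPLE-B", "exposed_count": 0, "dve": {"score": 9.0}}]},
    PAGE2: {"links": {"next": None}, "results": [
        {"name": "EXAMPLE-C", "exposed_count": 7, "dve": {"score": 8.3}}]}}
RANKED = [t["name"] for t in rank_exposed(iter_threats(SAMPLE_PAGES.get, START))]
```

In real use, fetch_page would wrap an HTTP client call that sends the token as in the curl example above.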