Skip to main content
Security Performance Management
Continuous Monitoring
Vendor Risk Management
Trust Management Hub
Cyber Insurance
National Cybersecurity

GET: Public Disclosures in Portfolio

Ingrid

https://api.bitsighttech.com/ratings/v1/portfolio/breaches

Get Public Disclosure details of organizations in your portfolio.

Parameters

company

[Query] Filter by a specific company.

Value: [String] Company unique identifier [entity_guid]. See GET: Portfolio Details.

[Date] start

[Query] Filter from the specified date.

Value: [String] YYYYMMDD

[Date] end

[Query] Filter before the specified date.

Value: [String] YYYYMMDD

folder

[Query] Filter companies in the specified folder.

Value: [String] Folder unique identifier [folder_guid]. See GET: Folder Details.

severity

[Query] Filter events that are equal to a specified severity level.

Value: [Integer] Numerical severity value. See incident severity levels.

severity_gte

[Query] Filter events that are greater than or equal to a specified severity level.

Value: [Integer] Numerical severity value. See incident severity levels.

severity_gt

[Query] Filter events that are greater than a specified severity level.

Value: [Integer] Numerical severity value. See incident severity levels.

severity_lte

[Query] Filter events that are less than or equal to a specified severity level.

Value: [Integer] Numerical severity value. See incident severity levels.

severity_lt

[Query] Filter events that are less than a specified severity level.

Value: [Integer] Numerical severity value. See incident severity levels.

tier

[Query] Filter companies in the specified tier.

Value: [String] Tier unique identifier [tier_guid]. See GET: Tiers.

Example Request

curl 'https://api.bitsighttech.com/ratings/v1/portfolio/breaches' -u api_token:

Example Response

[
  {
    "guid":"2620e5e6-2a9f-4a27-8703-4fd6b746aca7",
    "event_type":"Web Apps",
    "category_slug":"breach",
    "text":"Hackers gained access to the Pollinate, Inc. customer database. This action compromised the financial information of 1234 individuals.",
    "is_direct":true,
    "date":"2019-09-29",
    "breached_company":{
      "guid":"19d16bf5-11a6-467b-b7b1-f5563daece69",
      "name":"Pollinate, Inc."
    },
    "category_name":"Breach Security Incident",
    "severity":2,
    "preview_url":"http://s3.amazonaws.com/com.bitsighttech.breachpdf/fakery/Fake%20Breach%20Form.pdf",
    "event_type_description":"An incident in which a web application was the attack vector, including code level vulnerabilities in the application and thwarted authentication mechanisms",
    "date_created":"2020-02-20",
    "affected_portfolio_company":{
      "guid":"19d16bf5-11a6-467b-b7b1-f5563daece69",
      "name":"Pollinate, Inc."
    }
  }
]

Response Attributes

Field Description 
guid

String [incident_guid]

 The unique identifier of the Public Disclosure event. 
event_type

String

The Public Disclosures incident type.

Examples: Fraud, Privilege Abuse, Ransomware, etc.
 
category_slug

String

The slug name of the Public Disclosures incident category.

 
text

String

 A summary of the Public Disclosures event. 
is_direct

Boolean

 true = This company was the original target within a multiparty event. 
date

String [YYYY‑MM‑DD]

 The date when this event will start to impact the rating. This is either the date of disclosure or the publication date of the source (whichever is earlier). 
breached_company

Object

 A company that was impacted by the event.
  
guid

String [entity_guid]

 This company’s unique identifier. 
name

String

 This company’s name. 
category_name

String

The incident category.

 
severity

Integer

The severity of the Public Disclosures event.

Values:

  • 0 = Informational
  • 1 = Minor
  • 2 = Moderate
  • 3 = Severe
 
preview_url

String

 The URL path for the news source and documentation. 
event_type_description

String

 A description of the incident type. 
date_created

String [YYYY‑MM‑DD]

 The date when this Public Disclosures event was added to the Bitsight platform. 
affected_portfolio_company

Object

 This company in your portfolio was affected by this Public Disclosures event.
  
guid

String [entity_guid]

 This company’s unique identifier. 
name

String

 This company’s name.
  • October 19, 2023: Defined Security Incident severity and linked to resource.
  • August 30, 2022: New guid [incident_guid] field.
  • June 14, 2021: Updated the description of the is_direct field; Linked to the definition of a “multiparty” event.

Related articles

Feedback

0 comments

Please sign in to leave a comment.