GET: Diligence Finding Details Ingrid https://api.bitsighttech.com/ratings/v1/companies/company_guid/findings?risk_vector=risk_vector_name The details field for the /findings path shows the details of findings. The included details vary, depending on the risk vector. The IP addresses of other companies are masked, in accordance with our responsible disclosure policy. Please review our terms and conditions, and then update your IP Visibility configurations accordingly. Example Request curl https://api.bitsighttech.com/ratings/v1/companies/a940bb61-33c4-42c9-9231-c8194c305db3/findings?risk_vector=spf -u api_token: To get details on specific risk vectors, use the risk_vector parameter along with the following values: SPF Domains = spf DKIM Records = dkim TLS/SSL Certificates = ssl_certificates TLS/SSL Configurations = ssl_configurations Open Ports = open_ports Web Application Security = web_appsec Patching Cadence = patching_cadence Insecure Systems = insecure_systems Server Software = server_software Desktop Software = desktop_software Mobile Software = mobile_software DNSSEC Records = dnssec Mobile Application Security = mobile_application_security Web Application Headers = application_security DMARC = dmarc Domain Squatting - Findings for this risk vector cannot be queried via the API Example Response ⊕ See Fields That Apply to All Findings "diligence_annotations":{ […] }, "grade":"NEUTRAL", "remediations":[ { "help_text":"This domain is missing a DNSKEY record and therefore cannot be authenticated using DNSSEC.", "message":"DNSSEC is not configured on this domain", "remediation_tip":"You will need to set up DNSSEC for your domain, including generating necessary keys and updating DNS zone records accordingly. See this <a target=\"new\" href=\"https://www.digitalocean.com/community/tutorials/how-to-setup-dnssec-on-an-authoritative-bind-dns-server--2\">DigitalOcean guide</a> for instructions which may be applicable to your server configuration, as well as <a target=\"new\" href=\"http://www.dnssec.net/practical-documents\">dnssec.net</a> for practical documents related to DNSSEC setup." } ], "rollup_end_date":"2019-01-26", "rollup_start_date":"2018-10-06" }, "evidence_key":"example.com", Response Attributes The following attributes apply to all Diligence findings: Field Description diligence_annotations Object Diligence finding details. grade String remediations Object Information about the finding and instructions to remediate it, if any. help_text String An overview of this finding. message String Details of this finding. remediation_tip String [HTML] The recommended remediation instructions. rollup_end_date String [YYYY-MM-DD] The date when this finding was last observed. rollup_start_date String [YYYY-MM-DD] The date when this finding was first observed. July 10, 2025: Listed DMARC. September 27, 2023: Insecure Systems, Server Software, Desktop Software, & Mobile Software separated to their own pages. September 8, 2023: Separated Open Ports & Patching Cadence to their own pages; Added Mobile Application Security findings. Related articles GET: Finding Details GET: SPF Domains Finding Details GET: Web Application Headers Finding Details GET: Compromised Systems Finding Details GET: Potentially Exploited Finding Details Feedback 0 comments Please sign in to leave a comment.