Security Performance Management
Continuous Monitoring
Cyber Insurance
National Cybersecurity

Articles in this section

See more

GET: Findings Summary of a Company

Avatar
Ingrid
Follow
Publication Date – January 13, 2021

⇤ Companies

https://api.bitsighttech.com/ratings/v1/companies/company_guid/findings/summary

See the presence of infection, server software, or vulnerability findings in a company during the following time periods:

  • 7 days back → Present day
  • 14 days back → Present day
  • 2 months back → 14 days back

Due to the output including several time periods, findings may be seen in multiple time periods.

Parameters

*Required.

Parameter Description Values 
company_guid
Path		 Identify the company to query. [String] Company unique identifier [entity_guid]. See GET: Portfolio Details. 
type
Query		 Filter by finding type.

[String]

  • infection
  • server_software
  • vulnerability (Default)
 
confidence
Query		 Filter by risk confidence. Applicable only to vulnerabilities (?type=vulnerability).

[String]

  • LOW
  • HIGH
 
history
Query		 Set the format of the response data.

[Boolean]

  • true (Default) = Include findings before the latest rating date.
  • false = Exclude findings before the latest rating date.

Example Request

curl https://api.bitsighttech.com/ratings/v1/companies/a940bb61-33c4-42c9-9231-c8194c305db3/findings/summary -u api_token:

Example Response

[
  {
    "start_date":"2021-10-10",
    "end_date":"2021-12-09",
    "stats":[
      […]
      {
        "id":"CVE-2020-28949",
        "name":"CVE-2020-28949",
        "first_seen":"2021-01-05",
        "event_count":1,
        "host_count":1,
        "severity":null,
        "confidence":"HIGH",
        "severity_category":null
      }
    ]
  }
]

Response Attributes

Field Description 
start_date
String [YYYY-MM-DD]		 The start date when findings were observed. 
end_date
String [YYYY-MM-DD]		 The end date when findings were observed. 
stats
Array		 Findings within this company.
  
id
String

Identification for the finding.

  • vulnerability = The CVE ID of the vulnerability.
  • infection = The infection ID number in the Bitsight database.
  • server_software = The name of the server.
 
name
String

The name of the finding.

  • vulnerability = The name (such as “POODLE”) or CVE ID of the vulnerability.
  • infection = The name of the infection.
  • server_software = The name of the server.
 
first_seen
String [YYYY-MM-DD]		 The date when this finding was first observed. 
event_count
Integer		 The number of times this finding was observed. 
host_count
Integer		 The number of affected hosts. 
severity
Integer		 If the finding is an infection (?type=infection), this is the severity of the finding. See Bitsight severity. 
confidence
String

If the finding is a vulnerability (?type=vulnerability), this is the confidence level of the finding.

  • HIGH
  • LOW
 
severity_category
String		 If the finding is an infection (?type=infection), this is the severity of the finding. See Bitsight severity.

Errors and Status Codes

See the common errors and status codes.

Code Description
200 – Okay Everything worked as expected.
400 – Bad request This can often be due to missing a required parameter.
401 – No Authentication No valid API token was provided.
403 – Not Authorized You do not have permission to access this resource.
404 – Not Found The company does not exist.

Related articles