Skip to main content
Security Performance Management
Continuous Monitoring
Vendor Risk Management
Trust Management Hub
Cyber Insurance
National Cybersecurity

GET: Findings Summary of a Company

Ingrid

https://api.bitsighttech.com/ratings/v1/companies/company_guid/findings/summary

See the presence of infection, server software, or vulnerability findings in a company during the following time periods:

  • 7 days back → Present day
  • 14 days back → Present day
  • 2 months back → 14 days back

Due to the output including several time periods, findings may be seen in multiple time periods.

Parameters

* Required.

company_guid

* Required.

[Path] Identify the company to query.

Value: [String] Company unique identifier [entity_guid]. See GET: Portfolio Details.

type

[Query] Filter by finding type.

Value: [String]

  • infection
  • server_software
  • vulnerability (Default)
confidence

[Query] Filter by risk confidence. Applicable only to vulnerabilities (?type=vulnerability).

Value: [String]

  • LOW
  • HIGH
history

[Query] Set the format of the response data.

Value: [Boolean]

  • true (Default) = Include findings before the latest rating date.
  • false = Exclude findings before the latest rating date.

Example Request

curl https://api.bitsighttech.com/ratings/v1/companies/a940bb61-33c4-42c9-9231-c8194c305db3/findings/summary -u api_token:

Example Response

[
  {
    "start_date":"2021-10-10",
    "end_date":"2021-12-09",
    "stats":[
      […]
      {
        "id":"CVE-2020-28949",
        "name":"CVE-2020-28949",
        "first_seen":"2021-01-05",
        "event_count":1,
        "host_count":1,
        "severity":null,
        "confidence":"HIGH",
        "severity_category":null
      }
    ]
  }
]

Response Attributes

Field Description 
start_date

String [YYYY-MM-DD]

 The start date when findings were observed. 
end_date

String [YYYY-MM-DD]

 The end date when findings were observed. 
stats

Array

 Findings within this company.
  
id

String

Identification for the finding.

  • vulnerability = The CVE ID of the vulnerability.
  • infection = The infection ID number in the Bitsight database.
  • server_software = The name of the server.
 
name

String

The name of the finding.

  • vulnerability = The name (such as “POODLE”) or CVE ID of the vulnerability.
  • infection = The name of the infection.
  • server_software = The name of the server.
 
first_seen

String [YYYY-MM-DD]

 The date when this finding was first observed. 
event_count

Integer

 The number of times this finding was observed. 
host_count

Integer

 The number of affected hosts. 
severity

Integer

 If the finding is an infection (?type=infection), this is the severity of the finding. See Bitsight severity. 
confidence

String

If the finding is a vulnerability (?type=vulnerability), this is the confidence level of the finding.

  • HIGH
  • LOW
 
severity_category

String

 If the finding is an infection (?type=infection), this is the severity of the finding. See Bitsight severity.

Errors and Status Codes

See the common errors and status codes.

200 – Okay
Everything worked as expected.
400 – Bad request
This can often be due to missing a required parameter.
401 – No Authentication
No valid API token was provided.
403 – Not Authorized
You do not have permission to access this resource.
404 – Not Found
The company does not exist.
  • January 13, 2021: Published.
Was this article helpful?
0 out of 1 found this helpful
Return to top

Related articles

Feedback

0 comments

Please sign in to leave a comment.