Comment on page
Vulnerability Evidence Created

Getting Started
This page will help you with subscribing to the vulnerability-evidence-created event.
This event can be used for the following:
Get details for evidence created for a vulnerability on a project, for which you have access to.
Prerequisites
In order to subscribe to this event, you must have:
Access to the vulnerability-created event (see My Events to confirm).
A working client (see Setting Up Your Client for details).
Valid API Key (see Authentication for your key).
Network access to your AttackForge Enterprise tenant.
Subscribing To Event
NodeJS
Python
.NET
Java
Go
NodeJS
NodeJS Prerequisites
In order to subscribe to this event using the NodeJS client, you must have:
NodeJS v10+ installed
NPM installed
A working NodeJS client (see Setting Up Your Client for details).
Client configuration
Open a terminal and navigate to the client directory.
From the client directory, run following command, substituting variables below with your configuration details:
$ TENANT="YOUR-AFE-TENANT" EVENTS="vulnerability-evidence-created" X_SSAPI_KEY="YOUR-API-KEY" node .
An example is included below for reference:
$ TENANT="https://demo.attackforge.com" EVENTS="vulnerability-evidence-created" X_SSAPI_KEY="q9ef672kqZIQymCZRuiKMeWbeaXEzBzqRCfGcpWEpoBNU2Bk4UmtktsZVDDgRzlC0BOHH9x0y4EzbBGeSKO9PRskEmHATXHs2sVe7tS98U0DuDFjH0RdPFWUpgZDWgIESy9yNDesm6Xi8C9HsikddyBKsATXat2604dPrr4Ca86J8Y5IkEnqUwYzw3MoSbzHeXZ0DKHqKz6Icv9dtrsnAFzpXg1P423uRllq4LqFjP4J8hAtrWZ9296h3uh9B5Vp" node .
If your client is successfully subscribed to this event, you should see similar output in your terminal:
Subscribed to the following events: [ 'vulnerability-evidence-created' ]
Your client is now working and you will see new events output to the terminal as they are pushed from AttackForge.
You can now work on your integration code to start actioning these events. Open index.js with a text editor - the file is located in your client directory. Your code will replace the following section within this file:
/* ENTER YOUR INTEGRATION CODE HERE */
/* method contains the event type e.g. vulnerability-evidence-created */
/* params contains the event body e.g. JSON object with timestamp & details */
Python
Python Prerequisites
In order to subscribe to this event using the Python client, you must have:
Python3 installed
PIP installed
A working Python client (see Setting Up Your Client for details).
Client configuration
Open a terminal and navigate to the client directory.
From the client directory, run following command, substituting variables below with your configuration details:
$ HOSTNAME="YOUR-AFE-HOSTNAME" EVENTS="vulnerability-evidence-created" X_SSAPI_KEY="YOUR-API-KEY" python3 main.py
An example is included below for reference:
$ HOSTNAME="demo.attackforge.com" EVENTS="vulnerability-evidence-created" X_SSAPI_KEY="q9ef672kqZIQymCZRuiKMeWbeaXEzBzqRCfGcpWEpoBNU2Bk4UmtktsZVDDgRzlC0BOHH9x0y4EzbBGeSKO9PRskEmHATXHs2sVe7tS98U0DuDFjH0RdPFWUpgZDWgIESy9yNDesm6Xi8C9HsikddyBKsATXat2604dPrr4Ca86J8Y5IkEnqUwYzw3MoSbzHeXZ0DKHqKz6Icv9dtrsnAFzpXg1P423uRllq4LqFjP4J8hAtrWZ9296h3uh9B5Vp" python3 main.py
If your client is successfully subscribed to the events, you should see similar output in your terminal:
Subscribed to the following events: [ 'vulnerability-evidence-created' ]
Your client is now working and you will see new events output to the terminal as they are pushed from AttackForge.
You can now work on your integration code to start actioning these events. Open main.py with a text editor - the file is located in your client directory. Your code will replace the following section within this file:
# ENTER YOUR INTEGRATION CODE HERE
# method contains the event type e.g. vulnerability-evidence-created
# params contains the event body e.g. JSON object with timestamp & details
.NET
.NET Prerequisites
In order to subscribe to this event using the .NET client, you must have:
.NET 5.0 SDK installed
A working .NET client (see Setting Up Your Client for details).
Client configuration
Open a terminal and navigate to the client directory.
From the client directory, run following command, substituting variables below with your configuration details:
$ HOSTNAME="YOUR-AFE-HOSTNAME" EVENTS="vulnerability-evidence-created" X_SSAPI_KEY="YOUR-API-KEY" dotnet run
An example is included below for reference:
$ HOSTNAME="demo.attackforge.com" EVENTS="vulnerability-evidence-created" X_SSAPI_KEY="q9ef672kqZIQymCZRuiKMeWbeaXEzBzqRCfGcpWEpoBNU2Bk4UmtktsZVDDgRzlC0BOHH9x0y4EzbBGeSKO9PRskEmHATXHs2sVe7tS98U0DuDFjH0RdPFWUpgZDWgIESy9yNDesm6Xi8C9HsikddyBKsATXat2604dPrr4Ca86J8Y5IkEnqUwYzw3MoSbzHeXZ0DKHqKz6Icv9dtrsnAFzpXg1P423uRllq4LqFjP4J8hAtrWZ9296h3uh9B5Vp" dotnet run
If your client is successfully subscribed to the events, you should see similar output in your terminal:
Subscribed to the following events: [ 'vulnerability-evidence-created' ]
Your client is now working and you will see new events output to the terminal as they are pushed from AttackForge.
You can now work on your integration code to start actioning these events. Open Program.cs with a text editor from your client directory. Your code will replace the following section within this file:
/* ENTER YOUR INTEGRATION CODE HERE */
/* method contains the event type e.g. vulnerability-evidence-created */
/* params contains the event body e.g. JSON object with timestamp & details */
Java
Java Prerequisites
In order to subscribe to this event using the Java client, you must have:
OpenJDK 11 installed
Maven installed
A working Java client (see Setting Up Your Client for details).
Client configuration
Open a terminal and navigate to the client directory.
From the client directory, run following command, substituting variables below with your configuration details:
$ HOSTNAME="YOUR-AFE-HOSTNAME" EVENTS="vulnerability-evidence-created" X_SSAPI_KEY="YOUR-API-KEY" java -jar target/afe-ssapi-events-java-client-1.0-SNAPSHOT-jar-with-dependencies.jar
An example is included below for reference:
$ HOSTNAME="demo.attackforge.com" EVENTS="vulnerability-evidence-created" X_SSAPI_KEY="q9ef672kqZIQymCZRuiKMeWbeaXEzBzqRCfGcpWEpoBNU2Bk4UmtktsZVDDgRzlC0BOHH9x0y4EzbBGeSKO9PRskEmHATXHs2sVe7tS98U0DuDFjH0RdPFWUpgZDWgIESy9yNDesm6Xi8C9HsikddyBKsATXat2604dPrr4Ca86J8Y5IkEnqUwYzw3MoSbzHeXZ0DKHqKz6Icv9dtrsnAFzpXg1P423uRllq4LqFjP4J8hAtrWZ9296h3uh9B5Vp" java -jar target/afe-ssapi-events-java-client-1.0-SNAPSHOT-jar-with-dependencies.jar
If your client is successfully subscribed to the events, you should see similar output in your terminal:
Subscribed to the following events: [ 'vulnerability-evidence-created' ]
Your client is now working and you will see new events output to the terminal as they are pushed from AttackForge.
You can now work on your integration code to start actioning these events. Open ./src/main/java/com/attackforge/App.java with a text editor from your client directory. Your code will replace the following section within this file:
/* ENTER YOUR INTEGRATION CODE HERE */
/* method contains the event type e.g. vulnerability-evidence-created */
/* params contains the event body e.g. JSON object with timestamp & details */
Go
Go Prerequisites
In order to subscribe to this event using the Go client, you must have:
Go installed
A working Go client (see Setting Up Your Client for details).
Client configuration
Open a terminal and navigate to the client directory.
From the client directory, run following command, substituting variables below with your configuration details:
$ HOSTNAME="YOUR-AFE-HOSTNAME" EVENTS="vulnerability-evidence-created" X_SSAPI_KEY="YOUR-API-KEY" ./afe-ssapi-events-go-client
An example is included below for reference:
$ HOSTNAME="demo.attackforge.com" EVENTS="vulnerability-evidence-created" X_SSAPI_KEY="q9ef672kqZIQymCZRuiKMeWbeaXEzBzqRCfGcpWEpoBNU2Bk4UmtktsZVDDgRzlC0BOHH9x0y4EzbBGeSKO9PRskEmHATXHs2sVe7tS98U0DuDFjH0RdPFWUpgZDWgIESy9yNDesm6Xi8C9HsikddyBKsATXat2604dPrr4Ca86J8Y5IkEnqUwYzw3MoSbzHeXZ0DKHqKz6Icv9dtrsnAFzpXg1P423uRllq4LqFjP4J8hAtrWZ9296h3uh9B5Vp" ./afe-ssapi-events-go-client
If your client is successfully subscribed to this event, you should see similar output in your terminal:
Subscribed to the following events: [ 'vulnerability-evidence-created' ]
Your client is now working and you will see new events output to the terminal as they are pushed from AttackForge.
You can now work on your integration code to start actioning these events. Open main.go with a text editor from your client directory. Your code will replace the following section within this file:
/* ENTER YOUR INTEGRATION CODE HERE */
/* method contains the event type e.g. vulnerability-evidence-created */
/* params contains the event body e.g. JSON object with timestamp & details */
Example Response
The event emitted will include the following information:
{
  "method": "vulnerability-evidence-created",
  "params": {
    "timestamp": "2021-01-01T00:00:00.000Z",
    "data": {
      "evidence_id": "60fe2f7747d2c400306bd808",
      "evidence_created": "2021-01-01T03:43:51.665Z",
      "evidence_modified": "2021-01-01T03:43:51.665Z",
      "evidence_is_deleted": false,
      "evidence_file_name": "Lorem ipsum...",
      "evidence_file_type": "Lorem ipsum...",
      "evidence_file_hash": "Lorem ipsum...",
      "evidence_file_size": 9999,
      "evidence_file_storage_name": "Lorem ipsum...",
      "evidence_file_storage_location": "Lorem ipsum...",
      "evidence_vulnerability": {
        "vulnerability_id": "60fe2f7747d2c400306bd808"
      },
      "evidence_user": {
        "user_id": "60fe2f7747d2c400306bd808",
      }
    }
  }
}
Vulnerability-Updated
Vulnerability Evidence Updated
Last modified 3mo ago