# GetMostVulnerableAssets ## Special Note Assets are ordered by priority rating: i.e. *Critical*, then *High*, then *Medium*, then *Low*, then *Informational.* ## Parameters The following URL, Headers and Parameters are required for requests to this API endpoint. Where a parameter is optional, it will be indicated. Otherwise treat all parameters as mandatory. ### Headers ``` GET /api/ss/analytics/vulnerable/assets HTTP/1.1 Host: demo.attackforge.com X-SSAPI-KEY: APIKey Content-Type: application/json Connection: close ``` ### Query **limit (integer) (optional)** Limit how many assets to return. Must be an integer e.g. 10. Example: ``` GET /api/ss/analytics/vulnerable/assets?limit=10 HTTP/1.1 ``` **startDate (string) (optional)** Start date to query vulnerabilities from. Must be UTC string e.g. 2021-06-03T23:15:33.008Z. Example: ``` GET /api/ss/analytics/vulnerable/assets?startDate=2021-06-03T00:00:00.000Z HTTP/1.1 ``` **endDate (string) (optional)** End date to query vulnerabilities to. Must be UTC string e.g. 2021-06-03T23:15:33.008Z. Example: ``` GET /api/ss/analytics/vulnerable/assets?endDate=2021-06-03T00:00:00.000Z HTTP/1.1 ``` ## Example The following example is a cURL request to get Top 10 most vulnerable assets between 1st January 2020 to 1st February 2020. ### Request Include API Token instead of stars in 'X-SSAPI-KEY: \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*' parameter. ``` curl -X GET 'https://demo.attackforge.com/api/ss/analytics/vulnerable/assets?limit=10&startDate=2021-06-03T00:00:00.000Z&endDate=2021-06-04T00:00:00.000Z' -H 'Host: demo.attackforge.com' -H 'X-SSAPI-KEY: ***************************************' -H 'Content-Type: application/json' -H 'Connection: close' ``` ### Response Response contains an array of asset objects. ``` { "count": 999, "assets":[ { "asset": "...", "critical_vulnerabilities": 999, "high_vulnerabilities": 999, "medium_vulnerabilities": 999, "low_vulnerabilities": 999, "informational_vulnerabilities": 999 } ] } ```