GetMostVulnerableAssets
This method can be used for the following functionality: Get details for the most vulnerable assets this user has access to. This method can be used with optional filter.
Assets are ordered by priority rating: i.e. Critical, then High, then Medium, then Low, then Informational.
The following URL, Headers and Parameters are required for requests to this API endpoint. Where a parameter is optional, it will be indicated. Otherwise treat all parameters as mandatory.
GET /api/ss/analytics/vulnerable/assets HTTP/1.1
Host: demo.attackforge.com
X-SSAPI-KEY: APIKey
Content-Type: application/json
Connection: close
limit (integer) (optional)
Limit how many assets to return. Must be an integer e.g. 10.
Example:
GET /api/ss/analytics/vulnerable/assets?limit=10 HTTP/1.1
startDate (string) (optional)
Start date to query vulnerabilities from. Must be UTC string e.g. 2021-06-03T23:15:33.008Z.
Example:
GET /api/ss/analytics/vulnerable/assets?startDate=2021-06-03T00:00:00.000Z HTTP/1.1
endDate (string) (optional)
End date to query vulnerabilities to. Must be UTC string e.g. 2021-06-03T23:15:33.008Z.
Example:
GET /api/ss/analytics/vulnerable/assets?endDate=2021-06-03T00:00:00.000Z HTTP/1.1
The following example is a cURL request to get Top 10 most vulnerable assets between 1st January 2020 to 1st February 2020.
Include API Token instead of stars in 'X-SSAPI-KEY: ***************************************' parameter.
curl -X GET 'https://demo.attackforge.com/api/ss/analytics/vulnerable/assets?limit=10&startDate=2021-06-03T00:00:00.000Z&endDate=2021-06-04T00:00:00.000Z' -H 'Host: demo.attackforge.com' -H 'X-SSAPI-KEY: ***************************************' -H 'Content-Type: application/json' -H 'Connection: close'
Response contains an array of asset objects.
{
"count": 999,
"assets":[
{
"asset": "...",
"critical_vulnerabilities": 999,
"high_vulnerabilities": 999,
"medium_vulnerabilities": 999,
"low_vulnerabilities": 999,
"informational_vulnerabilities": 999
}
]
}
Last modified 21d ago