There is a new section in our knowledge base, the API Guide section, it includes information about every API endpoint we currently offer and how to use them. We are always adding more functionality to our API so you can use the data as you wish. Whether you are creating fancy dashboards or forwarding the data into other tools, we want you to use the data.
The API Guide can be found at the bottom of the knowledge base, and the knowledge base can be accessed by clicking the little book icon next to the notification bell.
Targets Endpoint
The Targets endpoint allows you to request the information seen on the targets page. This endpoint provides the four most basic pieces of information about a target on the platform. It is more relevant to customers with more than one target on the platform.
Method to use is GET
API Endpoint - api/external/targets?api_key={{ApiKey}}
The response from the endpoint includes the following:
ID - the ID of the target, this information isn’t visible on the platform.
Name - the name of the target.
Vector count - number of vectors on the target, all statuses.
Monitored assets count - number of assets with monitoring turned on.
Dashboard Endpoint
The Dashboard endpoint provides a summary of a target. It is comprised of cards providing a high-level view of the target.
Method to use is GET
API Endpoint - api/external/targets/{{targetID}}/dashboard?api_key={{ApiKey}}
The response from the endpoint includes the following:
Total assets count - the number of assets that are assigned to this target
Vulnerable assets count - the number of assets that are currently monitored and vulnerable, i.e., have vectors attached to them.
Vectors count - number of vectors on the target, all statuses.
Vector tag A list of all the assets that have this vector
Vectors Endpoint
The Vectors endpoint is used to request a list of vectors on an asset. It can be used to request a list of all the vectors or within a specific time frame by sending dates in the body of the request.
Method to use is POST
API Endpoint - api/external/targets/{{targetID}}/vectors?api_key={{ApiKey}}
The response from the endpoint includes the following:
Vector ID - a random string unique per vector.
Status - the status of a vector (Verified, Archived, etc.)
Name - the vector’s name, similar to asset name.
Priority - a number ranging from 1-5 where 1 is informational and 5 is critical.
Date - the date when the vector was found, appears as a number in the epoch time format in milliseconds.
Last scanned - the date the vector last appeared on a scan, also in epoch time format.
Exploit demos: Request method - the method used to perform the request Status code - response status code, e.g.: "200" for 200 OK. Request path - this is the “Exploit demo URL", the path to exploit the vulnerability
Description - the vector’s analysis from the vector steps section.
Tags - vector tags.
To request for vectors in a specific time frame, send the following as part of the request body and replace “dd/mm/yyyy” with a date:
{ "filters": { "date": { "start_date": "dd/mm/yyyy", //Starting from 00:00 "end_date": "dd/mm/yyyy" //Up to 23:59 } } }
Assets Endpoint
The Assets endpoint is used to request for all the assets on a target. Part of the response also includes the technology scanner’s results i.e. all the technologies found on the asset and whether they are outdated or not. Note that technologies are dynamic, and some fields may not be included in the response, based on the information that is available.
Method to use is GET
API Endpoint - api/external/targets/{{targetID}}/assets?api_key={{ApiKey}}
The response from the endpoint includes the following:
Name - the asset’s name
Tags - an array of asset tags.
Category - the asset's category e.g., Development Environment
Technologies - technologies found on the asset Categories - technology category e.g., Web Servers Name - technology name, e.g., Apache HTTP Server Versions - version of technology detected CPE - the CPE of the technology found, if available Outdated - whether the technology is outdated or not
Vector count - how many vectors are attached to the vector
Discovery Endpoint
The Discovery endpoint is used to get information about all the assets that were found by the platform. The API responds with all the data in the target’s discovery page, divided into three categories, assigned assets, discovered assets, and related domains.
Method to use is GET
API Endpoint - api/external/targets/{{targetID}}/discovery?api_key={{ApiKey}}
The response from the endpoint includes the following:
Assigned assets - assets that are already assigned to the target Name - of the asset Category - e.g. "Development Environment" IP addresses Address - IP address found Ports - array of open ports found for each asset
Discovered assets - assets that aren't assigned to the target yet Name Category IP addresses Address Ports
Related domains Name - name of the domain used in the discovery process
Creating a New Asset Using The API
It is possible to manually create assets and add them to the Asset Management screen.
Method to use is POST
API Endpoint - api/external/targets/{{targetID}}/assets?api_key={{ApiKey}}
Include the new asset’s name (IP, domain or hostname) according to the format below:
{ "name": string //The asset's name (IP, domain or hostname) }
The response from the endpoint includes the following:
Success - true if asset was created, false if wasn't created
Asset ID - ID of the asset that was created
Message - success message, for example "Asset was created and will be monitored".
Whitelisting The Scanner's IPs
The system’s scanners and requests are constantly rotating through a pool of pre-defined IPs, which are rotated approximately once a month.
To get the list of IPs being used by the scanners at any given moment you can use the Proxies endpoint.
Request to use is GET
API Endpoint - api/external/proxies/ips?api_key={{ApiKey}}
The response from the endpoint includes an array of IP addresses.