This resource returns a list of findings for latest analysis for a given TOE.

get

https://api.sandbox.riskrecon.com/v1/findings_paginated/{toe_id}

This use case describes how the Findings API is used to retrieve a list of findings for the latest analysis for a TOE. The toe_id is passed in the API request. In this scenario, all findings for that TOE are returned in the response. To limit or filter the data returned in the response, you can use various parameters in the API request:

Filter by an asset value: You can use the asset_value parameter to search for findings with high, medium, or low asset value.
Filter by severity: You can use the severity parameter to search for findings with high, medium, or low severity.
Filter by asset value and severity: You can use asset_value and severity parameters to search for findings with high, medium, or low asset value and severity.
Filter by page: You can use the page parameter to search for findings pages.
Sort by Findings Attribute: You can use the sort attribute to sort results of alerting issues by available sort attributes.

Path Params

toe_id

string

required

Filter by the Toe ID.

Query Params

page

integer

≥ 1

Defaults to 1

This parameter is the page number in routes that have pagination.

per_page

integer

1 to 250

Defaults to 20

This parameter sets the results limit per page. This defaults to 20 and currently has a max of 250.

sort_attribute

string

enum

Defaults to priority

This parameter is optional but allows the user to sort results of alerting issues by available sort attributes.

Allowed:

sort_method

string

enum

Defaults to DESC

Sort results by ascending or descending order.

Allowed:

severity

string

enum

Filter finding results by severity.

Allowed:

asset_value

string

enum

This parameter filters finding results by asset_value.

Allowed:

security_domain

string

Filter results by the Security Domain.

security_criteria

string

Filter results by the Security Criteria.

cve_ids[]

array of strings

This parameter filters finding results by array of Common Vulnerabilities and Exposures (CVE). An example of a query string with multiple cves would look like:

?cve_ids[]=CVE-1999-0001&cve_ids[]=CVE-1999-0002

cve_ids[]

risk_dimension

string

enum

Defaults to cyber

This parameter filters results by RiskDimension. The default value is cyber. privacy is a new option for customers with privacy licenses.

Allowed:

Responses

200OK

400Something was wrong with the request

401Authentication information was missing or invalid or the user is not authorized to access resource or perform the associated action.

403FORBIDDEN

404The URI didn't match an existing resource.