Skip to main content
API Paths and Endpoints

Learn about the various paths that can be used to access cloud security information and vulnerability data through the Vulcan API

Updated over 7 months ago

About

This article provides details on the various paths that can be used to access cloud security information and vulnerability data through the API. The article is based on the available API Call on the Vulcan API Swagger (Settings > API) and is intended for developers and security professionals who are interested in integrating the Vulcan API into their applications or workflows.

Working with Vulcan API


Assets

POST /assets/cloud_resources/

Description

Returns all websites to which you have access that matches the given search criteria

Parameters

Type

Name

Schema

Body

data

required

data

{
"sort_by": [
{}
],
"filter": {
"freeInput": [
"string"
],
"Source": [
"string"
],
"Tags": [
"string"
],
"Exclude Tags": [
"string"
]
},
"business_group_id": 0,
"first_row": 0,
"end_row": 10
}

data

Name

Schema

business_group_id

optional

integer

end_row

optional

integer

filter

optional

filter

first_row

optional

integer

sort_by

optional

< object > array

filter

Name

Schema

Exclude Tags

optional

< string > array

Source

optional

< string > array

Tags

optional

< string > array

freeInput

optional

< string > array

Responses

HTTP Code

Schema

200

Response 200

Response 200

Name

Schema

count

required

integer

data

required

< object > array

Tags

  • Assets


GET /assets/cloud_resources/{cloud_resource_id}/

Description

Get the specified website ID

Parameters

Type

Name

Schema

Path

cloud_resource_id

required

string

Responses

HTTP Code

Schema

200

Response 200

{
"added_json": {},
"connectors": {},
"connectors_meta": [
"string"
],
"connector_names": [
"string"
],
"first_seen": "string",
"host_type": "string",
"hostname": "string",
"id": 0,
"last_report": "string",
"last_seen": "string",
"priority": 0,
"reference": "string",
"severity": "string",
"vulcan_host_tags": [
{}
],
"awssecurityhubiamanalyzer_cloud_resource": 0,
"aqua_cloud_resource": 0,
"orca_cloud_resource": 0,
"microsoftdfc_cloud_resource": 0,
"wiz_cloud_resource": 0,
"vulcanreport_cloud_resource": 0,
"vulnerabilities": [
{}
],
"vulns_count": 0,
"cloud_type": "string",
"resource_type": "string"
}

Response 200

Name

Schema

added_json

required

object

aqua_cloud_resource

required

integer

awssecurityhubiamanalyzer_cloud_res ource

required

integer

cloud_type

optional

string

connector_names

required

< string > array

connectors

required

object

connectors_meta

required

< string > array

first_seen

required

string

host_type

required

string

hostname

required

string

id

required

integer

last_report

required

string

last_seen

required

string

microsoftdfc_cloud_resource

required

integer

orca_cloud_resource

required

integer

priority

required

integer

reference

required

string

resource_type

optional

string

severity

required

string

vulcan_host_tags

required

< object > array

vulcanreport_cloud_resource

required

integer

vulnerabilities

required

< object > array

vulns_count

required

integer

wiz_cloud_resource

required

integer

Tags

• Assets


POST /assets/code_projects/

Description

Returns all code projects for which you have access that matches the given search criteria

Parameters

Type

Name

Schema

Body

data

required

data

{
"sort_by": [
{}
],
"filter": {
"freeInput": [
"string"
],
"Source": [
"string"
],
"Tags": [
"string"
],
"Exclude Tags": [
"string"
]
},
"business_group_id": 0,
"first_row": 0,
"end_row": 10
}

data

Name

Schema

business_group_id

optional

integer

end_row

optional

integer

filter

optional

first_row

optional

integer

sort_by

optional

< object > array

filter

Name

Schema

Exclude Tags

optional

< string > array

Source

optional

< string > array

Tags

optional

< string > array

freeInput

optional

< string > array

Responses

HTTP Code

Schema

200

Response 200

Response 200

Name

Schema

count

required

integer

data

required

< object > array

Tags

• Assets


GET /assets/code_projects/{code_project_id}/

Description

Get the specified code project ID

Parameters

Type

Name

Schema

Path

code_project_id

required

string

Responses

HTTP Code

Schema

200

Response 200

{
"connectors": {},
"connectors_meta": [
"string"
],
"connector_names": [
"string"
],
"first_seen": "string",
"host_type": "string",
"hostname": "string",
"id": 0,
"last_seen": "string",
"priority": 0,
"severity": "string",
"blackduck_code_project": 0,
"fortifysast_code_project": 0,
"snyk_code_project": 0,
"sonatype_code_project": 0,
"jfrog_code_project": 0,
"language": [
{}
],
"last_report": "string",
"reference": "string",
"veracode_code_project": 0,
"whitehat_code_project": 0,
"whitesource_code_project": 0,
"vulcan_host_tags": [
{}
],
"biz_groups": [
{}
],
"vulnerabilities": [
{}
],
"vulns_count": 0
}

Response 200

Name

Schema

biz_groups

optional

< object > array

blackduck_code_project

required

integer

connector_names

required

< string > array

connectors

required

object

connectors_meta

required

< string > array

first_seen

required

string

fortifysast_code_project

required

integer

host_type

required

string

hostname

required

string

id

required

integer

jfrog_code_project

required

integer

language

required

< object > array

last_report

required

string

last_seen

required

string

priority

required

integer

reference

required

string

severity

required

string

snyk_code_project

required

integer

sonatype_code_project

required

integer

veracode_code_project

required

integer

vulcan_host_tags

required

< object > array

vulnerabilities

required

< object > array

vulns_count

required

integer

whitehat_code_project

required

integer

whitesource_code_project

required

integer

Tags

• Assets


POST /assets/hosts/

Description

Returns all hosts to which you have access that matches the given search criteria

Parameters

Type

Name

Schema

Body

data

required

data

{
"sort_by": [
{}
],
"filter": {
"freeInput": [
"string"
],
"OS": [
"string"
],
"OS and Version": [
"string"
],
"Scan coverage": [
"any"
],
"Risk level": [
"None"
],
"IP": [
"string"
],
"Cloud Instance ID": [
"string"
],
"Source": [
"string"
],
"Tags": [
"string"
],
"Exclude Tags": [
"string"
]
},
"business_group_id": 0,
"first_row": 0,
"end_row": 10
}

data

Name

Schema

business_group_id

optional

integer

end_row

optional

integer

filter

optional

filter

first_row

optional

integer

sort_by

optional

< object > array

filter

Name

Schema

Cloud Instance ID

optional

< string > array

Exclude Tags

optional

< string > array

IP

optional

< string > array

OS

optional

< string > array

OS and Version

optional

< string > array

Risk level

optional

< enum (None, Low, Medium, High, Critical) > array

Scan coverage

optional

< enum (any, unscanned) > array

Source

optional

< string > array

Tags

optional

< string > array

freeInput

optional

< string > array

Responses

HTTP Code

Schema

200

Response 200

Response 200

Name

Schema

count

required

integer

data

required

< object > array

Tags

• Assets


GET /assets/hosts/{host_id}/

Description

Get the specified host ID and/or verify the host information.

Parameters

Type

Name

Schema

Path

host_id

required

string

Responses

HTTP Code

Schema

200

Response 200

{
"connectors": {},
"connectors_meta": [
"string"
],
"connector_names": [
"string"
],
"host_type": "string",
"hostname": "string",
"id": 0,
"last_seen": "string",
"priority": 0,
"severity": "string",
"vulcan_host_tags": [
{}
],
"vulnerabilities": [
{}
],
"vulns_count": 0,
"asset_id": "string",
"first_seen": "string",
"fqdn": "string",
"ip": "string",
"os": "string",
"os_version": "string",
"platform_family": "string",
"scanned_by_scanner": true,
"state": "string",
"status": "string",
"styled_os": "string"
}

Response 200

Name

Schema

asset_id

required

string

connector_names

required

< string > array

connectors

required

object

connectors_meta

required

< string > array

first_seen

required

string

fqdn

required

string

host_type

required

string

hostname

required

string

id

required

integer

ip

required

string

last_seen

required

string

os

required

string

os_version

required

string

platform_family

required

string

priority

required

integer

scanned_by_scanner

required

boolean

severity

required

string

state

required

string

status

required

string

styled_os

required

string

vulcan_host_tags

required

< object > array

vulnerabilities

required

< object > array

vulns_count

required

integer

Tags

• Assets


POST /assets/repositories/

Description

Returns all repositories for which you have access that match the given search criteria

Parameters

Type

Name

Schema

Body

data

required

data

{
"sort_by": [
{}
],
"filter": {
"freeInput": [
"string"
],
"Source": [
"string"
],
"Tags": [
"string"
],
"Exclude Tags": [
"string"
]
},
"business_group_id": 0,
"first_row": 0,
"end_row": 10
}

data

Name

Schema

business_group_id

optional

integer

end_row

optional

integer

filter

optional

first_row

optional

integer

sort_by

optional

< object > array

filter

Name

Schema

Exclude Tags

optional

< string > array

Source

optional

< string > array

Tags

optional

< string > array

freeInput

optional

< string > array

Responses

HTTP Code

Schema

200

Response 200

Response 200

Name

Schema

count

required

integer

data

required

< object > array

Tags

• Assets


GET /assets/repositories/{repository_id}/

Description

Get the specified repository ID

Parameters

Type

Name

Schema

Path

repository_id

required

string

Responses

HTTP Code

Schema

200

Response 200

{
"connectors": {},
"connectors_meta": [
"string"
],
"connector_names": [
"string"
],
"first_seen": "string",
"host_type": "string",
"hostname": "string",
"id": 0,
"last_seen": "string",
"priority": 0,
"severity": "string",
"artifact_type": "string",
"aws_repository": 0,
"component_id": "string",
"jfrog_repository": 0,
"prismacloud_repository": 0,
"name": "string",
"path": "string",
"sha256": "string",
"styled_os": "string",
"vulcan_host_tags": [
{}
],
"vulnerabilities": [
{}
],
"vulns_count": 0
}

Response 200

Name

Schema

artifact_type

required

string

aws_repository

required

integer

component_id

required

string

connector_names

required

< string > array

connectors

required

object

connectors_meta

required

< string > array

first_seen

required

string

host_type

required

string

hostname

required

string

id

required

integer

jfrog_repository

required

integer

last_seen

required

string

name

required

string

path

required

string

priority

required

integer

prismacloud_repository

required

integer

severity

required

string

sha256

required

string

styled_os

required

string

vulcan_host_tags

required

< object > array

vulnerabilities

required

< object > array

vulns_count

required

integer

Tags

• Assets


POST /assets/websites/

Description

Returns all websites to which you have access that matches the given search criteria.

Parameters

Type

Name

Schema

Body

data

required

data

{
"sort_by": [
{}
],
"filter": {
"freeInput": [
"string"
],
"Source": [
"string"
],
"Tags": [
"string"
],
"Exclude Tags": [
"string"
]
},
"business_group_id": 0,
"first_row": 0,
"end_row": 10
}
Parameter content type

application/json

data

Name

Schema

business_group_id

optional

integer

end_row

optional

integer

filter

optional

filter

first_row

optional

integer

sort_by

optional

< object > array

filter

Name

Schema

Exclude Tags

optional

< string > array

Source

optional

< string > array

Tags

optional

< string > array

freeInput

optional

< string > array

Responses

HTTP Code

Schema

200

Response 200

Response 200

Name

Schema

count

required

integer

data

required

< object > array

Tags

• Assets


GET /assets/websites/{website_id}/

Description

Get the specified website ID

Parameters

Type

Name

Schema

Path

website_id

required

string

Responses

HTTP Code

Schema

200

Response 200

{
"added_json": {},
"connectors": {},
"connectors_meta": [
"string"
],
"connector_names": [
"string"
],
"first_seen": "string",
"host_type": "string",
"hostname": "string",
"id": 0,
"last_report": "string",
"last_seen": "string",
"priority": 0,
"reference": "string",
"severity": "string",
"vulcan_host_tags": [
{}
],
"vulcanreport_website": 0,
"vulnerabilities": [
{}
],
"vulns_count": 0,
"whitehat_website": 0
}

Response 200

Name

Schema

added_json

required

object

connector_names

required

< string > array

connectors

required

object

connectors_meta

required

< string > array

first_seen

required

string

host_type

required

string

hostname

required

string

id

required

integer

last_report

required

string

last_seen

required

string

priority

required

integer

reference

required

string

severity

required

string

vulcan_host_tags

required

< object > array

vulcanreport_website

required

integer

vulnerabilities

required

< object > array

vulns_count

required

integer

whitehat_website

required

integer

Tags

• Assets


Authentication

POST /authentication/token/

Description

Generate and receive an OAuth2 token. You can use this token to call our resource APIs. The expiration date is 1 year from creation by default. Max expiration date can be 3 years from now.

Parameters

Type

Name

Schema

Body

data

required

data

{
"name": "string",
"expiration_date": "string"
}

Example:

{“name”: “token_name” , 
” expiration_date” : “2012-06-13”}

data

Name

Schema

expiration_date

optional

string

name

optional

string

Responses

HTTP Code

Schema

200

Response 200

Response 200

Name

Schema

access_token

required

string

expires_in

required

string

scope

required

string

token_type

required

string

Tags

• Authentication


POST /campaign/{campaign_id}/rename

Description

Rename a campaign

Parameters

Type

Name

Schema

Path

campaign_id

required

string

Responses

HTTP Code

Schema

204

< Response 204 > array

Response 204

Name

Schema

new_name

optional

string

Tags

• Campaigns


POST /packages_cluster

Description

Returns all Packages Clusters for which you have access that match the given search criteria. Body example:

{"filters":{"threats":["Exploitable"],"operatingSystems":["Windows"],"priority":[1]},"sort_by":null,"sta rt_offset":null,"end_offset":null}

Parameters

Type

Name

Schema

Body

data

required

data

data

Name

Schema

biz_group_id

optional

integer

category

optional

enum (all, fixed, vulnerable, ignored)

filters

optional

filters

Name

Schema

Exclude Tags

optional

< string > array

Tags

optional

< string > array

affected_software

optional

< string > array

assets_os_versions

optional

< string > array

assets_sources

optional

< string > array

cves

optional

< string > array

cvss_score

optional

< cvss_score > array

freeInput

optional

< string > array

operatingSystems

optional

< string > array

priority

optional

< number > array

qid

optional

< number > array

sccm_patchable

optional

< enum (Yes, No) > array

sla_status

optional

< enum (Compliant, Breaching) > array

tableStatus

optional

< enum (Pending, In progress, Fixed) > array

threats

optional

< string > array

vendor

optional

< string > array

vulcan_discovery_time

optional

< vulcan_discovery_time > array

vuln_sources

optional

< string > array

cvss_score

Name

Schema

op

optional

enum (lt, gt, eq, ge, le)

value

optional

number

vulcan_discovery_time

Name

Schema

op

optional

enum (lt, gt)

value

optional

number

Responses

HTTP Code

Schema

200

Response 200

Response 200

Name

Schema

all

required

< all > array

fixed

required

< fixed > array

ignored

required

< ignored > array

vulnerable

required

< vulnerable > array

all

Name

Schema

assets_count

required

number

assets_os

required

< object > array

biz_groups_ids

required

< number > array

max_risk

required

number

packages

required

string

risk_mass

required

number

sources

required

< string > array

threats

required

< object > array

vendor

required

string

vuln_ids

required

< number > array

vuln_tags

required

< object > array

vulns_count

required

integer

fixed

Name

Schema

assets_count

required

number

assets_os

required

< object > array

biz_groups_ids

required

< number > array

max_risk

required

number

packages

required

string

risk_mass

required

number

sources

required

< string > array

threats

required

< object > array

vendor

required

string

vuln_ids

required

< number > array

vuln_tags

required

< object > array

vulns_count

required

integer

ignored

Name

Schema

assets_count

required

number

assets_os

required

< object > array

biz_groups_ids

required

< number > array

max_risk

required

number

packages

required

string

risk_mass

required

number

sources

required

< string > array

threats

required

< object > array

vendor

required

string

vuln_ids

required

< number > array

vuln_tags

required

< object > array

vulns_count

required

integer

vulnerable

Name

Schema

assets_count

required

number

assets_os

required

< object > array

biz_groups_ids

required

< number > array

max_risk

required

number

packages

required

string

risk_mass

required

number

sources

required

< string > array

threats

required

< object > array

vendor

required

string

vuln_ids

required

< number > array

vuln_tags

required

< object > array

vulns_count

required

integer

Tags

• Packages Clusters


POST /packages_cluster/assets

Description

Returns a specific packages cluster’s assets for which you have access that match the given search criteria. Body example:

{"filters":{"threats":["Exploitable"],"operatingSystems":["Windows"],"priority":[1]},"sort_by":null,"sta rt_offset":null,"end_offset":null}

Parameters

Type

Name

Schema

Body

data

required

data

data

Name

Schema

biz_group_id

optional

integer

category

optional

enum (all, fixed, vulnerable, ignored)

filters

optional

filters

packages

optional

< string > array

vendor

optional

string

filters

Name

Schema

Exclude Tags

optional

< string > array

Tags

optional

< string > array

affected_software

optional

< string > array

assets_os_versions

optional

< string > array

assets_sources

optional

< string > array

cves

optional

< string > array

cvss_score

optional

< cvss_score > array

freeInput

optional

< string > array

operatingSystems

optional

< string > array

priority

optional

< number > array

qid

optional

< number > array

sccm_patchable

optional

< enum (Yes, No) > array

sla_status

optional

< enum (Compliant, Breaching) > array

tableStatus

optional

< enum (Pending, In progress, Fixed) > array

threats

optional

< string > array

vendor

optional

< string > array

vulcan_discovery_time

optional

< vulcan_discovery_time > array

vuln_sources

optional

< string > array

cvss_score

Name

Schema

op

optional

enum (lt, gt, eq, ge, le)

value

optional

number

vulcan_discovery_time

Name

Schema

op

optional

enum (lt, gt)

value

optional

number

Responses

HTTP Code

Schema

200

Response 200

Response 200

Name

Schema

all

required

< all > array

fixed

required

< fixed > array

ignored

required

< ignored > array

vulnerable

required

< vulnerable > array

all

Name

Schema

asset_id

required

string

asset_type

required

string

biz_groups_ids

required

< number > array

connectors_meta

required

< string > array

max_risk

required

number

name

required

string

vuln_ids

required

< number > array

fixed

Name

Schema

asset_id

required

string

asset_type

required

string

biz_groups_ids

required

< number > array

connectors_meta

required

< string > array

max_risk

required

number

name

required

string

vuln_ids

required

< number > array

ignored

Name

Schema

asset_id

required

string

asset_type

required

string

biz_groups_ids

required

< number > array

connectors_meta

required

< string > array

max_risk

required

number

name

required

string

vuln_ids

required

< number > array

vulnerable

Name

Schema

asset_id

required

string

asset_type

required

string

biz_groups_ids

required

< number > array

connectors_meta

required

< string > array

max_risk

required

number

name

required

string

vuln_ids

required

< number > array

Tags

• Packages Clusters


POST /packages_cluster/vulnerabilities

Description

Returns a specific packages cluster’s vulnerabilities for which you have access that match the given search criteria. Body example:

{"filters":{"threats":["Exploitable"],"operatingSystems":["Windows"],"priority":[1]},"sort_by":null,"sta rt_offset":null,"end_offset":null}

Parameters

Type

Name

Schema

Body

data

required

data

data

Name

Schema

biz_group_id

optional

integer

category

optional

enum (all, fixed, vulnerable, ignored)

filters

optional

filters

packages

optional

< string > array

vendor

optional

string

filters

Name

Schema

Exclude Tags

optional

< string > array

Tags

optional

< string > array

affected_software

optional

< string > array

assets_os_versions

optional

< string > array

assets_sources

optional

< string > array

cves

optional

< string > array

cvss_score

optional

< cvss_score > array

freeInput

optional

< string > array

operatingSystems

optional

< string > array

priority

optional

< number > array

qid

optional

< number > array

sccm_patchable

optional

< enum (Yes, No) > array

sla_status

optional

< enum (Compliant, Breaching) > array

tableStatus

optional

< enum (Pending, In progress, Fixed) > array

threats

optional

< string > array

vendor

optional

< string > array

vulcan_discovery_time

optional

< vulcan_discovery_time > array

vuln_sources

optional

< string > array

cvss_score

Name

Schema

op

optional

enum (lt, gt, eq, ge, le)

value

optional

number

vulcan_discovery_time

Name

Schema

op

optional

enum (lt, gt)

value

optional

number

Responses

HTTP Code

Schema

200

Response 200

Response 200

Name

Schema

all

required

< all > array

fixed

required

< fixed > array

ignored

required

< ignored > array

vulnerable

required

< vulnerable > array

all

Name

Schema

asset_type

required

string

biz_groups_ids

required

< number > array

max_risk

required

number

name

required

string

vuln_id

required

string

vuln_sources

required

< string > array

fixed

Name

Schema

asset_type

required

string

biz_groups_ids

required

< number > array

max_risk

required

number

name

required

string

vuln_id

required

string

vuln_sources

required

< string > array

ignored

Name

Schema

asset_type

required

string

biz_groups_ids

required

< number > array

max_risk

required

number

name

required

string

vuln_id

required

string

vuln_sources

required

< string > array

vulnerable

Name

Schema

asset_type

required

string

biz_groups_ids

required

< number > array

max_risk

required

number

name

required

string

vuln_id

required

string

vuln_sources

required

< string > array

Tags

• Packages Clusters


GET /sla_policy/

Description

Get all SLA policies

Responses

HTTP Code

Schema

200

< Response 200 > array

Response 200

Name

Schema

bizgroups

optional

< integer > array

id

optional

integer

name

optional

string

position

optional

integer

priority_1_sla

optional

integer

priority_2_sla

optional

integer

priority_3_sla

optional

integer

priority_4_sla

optional

integer

priority_5_sla

optional

integer

Tags

• SLA Policy


POST /sla_policy/create/

Description

Create a new SLA policy if position is not given the SLA Policy will be bottommost (the policies are ordered by position descending)

Parameters

Type

Name

Schema

Body

data

required

data

data

Name

Schema

bizgroups

optional

< integer > array

name

optional

string

priority_1_sla

optional

integer

priority_2_sla

optional

integer

priority_3_sla

optional

integer

priority_4_sla

optional

integer

priority_5_sla

optional

integer

Responses

HTTP Code

Schema

200

Response 200

Response 200

Name

Schema

bizgroups

required

< integer > array

id

required

integer

name

required

string

position

required

integer

priority_1_sla

required

integer

priority_2_sla

required

integer

priority_3_sla

required

integer

priority_4_sla

required

integer

priority_5_sla

required

integer

Tags

• SLA Policy


DELETE /sla_policy/delete/{sla_policy_id}

Description

Delete SLA policy Any Business Group assigned with the deleted SLA policy will automatically be assigned with the Global SLA policy

Parameters

Type

Name

Schema

Path

sla_policy_id

required

string

Tags

• SLA Policy


PUT /sla_policy/move/{sla_policy_id}

Description

Move SLA Policy one step Up or Down direction possible values: up, down

Parameters

Type

Name

Schema

Path

sla_policy_id

required

string

Body

data

required

data

data

Name

Schema

direction

optional

enum (up, down)

Responses

HTTP Code

Schema

200

Response 200

Response 200

Name

Schema

name

required

string

new_position

required

integer

old_position

required

integer

swapped_with

required

string

Tags

• SLA Policy


POST /sla_policy/revert/{sla_policy_id}

Description

Revert Global SLA policy back to Vulcan recommendations

Parameters

Type

Name

Schema

Path

sla_policy_id

required

string

Responses

HTTP Code

Schema

200

Response 200

Response 200

Name

Schema

sla_policy

required

sla_policy

sla_policy

Name

Schema

bizgroups

optional

< integer > array

id

optional

integer

name

optional

string

position

optional

integer

priority_1_sla

optional

integer

priority_2_sla

optional

integer

priority_3_sla

optional

integer

priority_4_sla

optional

integer

priority_5_sla

optional

integer

Tags

• SLA Policy


PUT /sla_policy/update

Description

Update SLA policy if position is not given it will not be changed (the policies are ordered by position descending) bizgroups is an array of all ids of Business groups that are assigned with the SLA Policy

Parameters

Type

Name

Schema

Body

data

required

data

data

Name

Schema

bizgroups

optional

< integer > array

id

optional

integer

name

optional

string

position

optional

integer

priority_1_sla

optional

integer

priority_2_sla

optional

integer

priority_3_sla

optional

integer

priority_4_sla

optional

integer

priority_5_sla

optional

integer

Tags

• SLA Policy


GET /sla_policy/{sla_policy_id}

Description

Get specific SLA policy

Parameters

Type

Name

Schema

Path

sla_policy_id

required

string

Responses

HTTP Code

Schema

200

Response 200

Response 200

Name

Schema

bizgroups

required

< integer > array

id

required

integer

name

required

string

position

required

integer

priority_1_sla

required

integer

priority_2_sla

required

integer

priority_3_sla

required

integer

priority_4_sla

required

integer

priority_5_sla

required

integer

Tags

• SLA Policy


GET /solution/ansible/{solution_id}/

Description

Returns ansible script for solution id

Parameters

Type

Name

Schema

Path

solution_id

required

string

Responses

HTTP Code

Schema

200

Response 200

Response 200

Name

Schema

ansible_script

required

string

vulcan_solution_id

required

string

Tags

• Solutions


GET /solution/chef/{solution_id}/

Description

Returns chef recipe for solution id

Parameters

Type

Name

Schema

Path

solution_id

required

string

Responses

HTTP Code

Schema

200

Response 200

Response 200

Name

Schema

chef_recipe

required

string

vulcan_solution_id

required

string

Tags

• Solutions


GET /solution/cve/{cve}/

Description

Returns solutions list for specified cve

Parameters

Type

Name

Schema

Path

cve

required

string

Responses

HTTP Code

Schema

200

Response 200

Response 200

Name

Schema

solutions_list

optional

< solutions_list > array

solutions_list

Name

Schema

ansible_scripts_ids

optional

< string > array

description

optional

string

id

optional

integer

impact

optional

string

instruction

optional

string

new_supercede

optional

boolean

os_version

optional

string

packages

optional

< object > array

products

optional

< object > array

reference

optional

string

reference_link

optional

string

solution_type

optional

string

source

optional

string

src_base_names

optional

< string > array

src_packages

optional

< string > array

supercedence

optional

< string > array

third_party_products

optional

< object > array

title

optional

string

vendor

optional

string

vulcan_solution_id

optional

string

Tags

• Solutions


GET /solution/puppet/{solution_id}/

Description

Returns puppet script for solution id

Parameters

Type

Name

Schema

Path

solution_id

required

string

Responses

HTTP Code

Schema

200

Response 200

Response 200

Name

Schema

puppet_script

required

string

vulcan_solution_id

required

string

Tags

• Solutions


GET /solution/scanner/{scanner_name}/{item_id}/

Description

Returns solutions list for specified scanner_name, item_id (for example qualys, 13432)

Parameters

Type

Name

Schema

Path

item_id

required

string

Path

scanner_name

required

string

Responses

HTTP Code

Schema

200

Response 200

Name

Schema

solutions_list

optional

< solutions_list > array

solutions_list

Name

Schema

ansible_scripts_ids

optional

< string > array

description

optional

string

id

optional

integer

impact

optional

string

instruction

optional

string

new_supercede

optional

boolean

os_version

optional

string

packages

optional

< object > array

products

optional

< object > array

reference

optional

string

reference_link

optional

string

solution_type

optional

string

source

optional

string

src_base_names

optional

< string > array

src_packages

optional

< string > array

supercedence

optional

< string > array

third_party_products

optional

< object > array

title

optional

string

vendor

optional

string

vulcan_solution_id

optional

string

Tags

• Solutions


GET /solution/vv_id/{vv_id}/

Description

Returns solutions list for specified vv_id

Parameters

Type

Name

Schema

Path

vv_id

required

string

Responses

HTTP Code

Schema

200

Response 200

Response 200

Name

Schema

solutions_list

optional

< solutions_list > array

solutions_list

Name

Schema

ansible_scripts_ids

optional

< string > array

description

optional

string

id

optional

integer

impact

optional

string

instruction

optional

string

new_supercede

optional

boolean

os_version

optional

string

packages

optional

< object > array

products

optional

< object > array

reference

optional

string

reference_link

optional

string

solution_type

optional

string

source

optional

string

src_base_names

optional

< string > array

src_packages

optional

< string > array

supercedence

optional

< string > array

third_party_products

optional

< object > array

title

optional

string

vendor

optional

string

vulcan_solution_id

optional

string

Tags

• Solutions


GET /solutions/

Description

Get all solutions data from all sources (advisory, links, third party and workarounds)

Responses

HTTP Code

Schema

200

< Response 200 > array

Response 200

Name

Schema

affected_assets

required

integer

critical_vulnerabilities

required

integer

publish_date

required

string

reference_link

required

string

solution_type

required

string

title

required

string

total_vulnerabilities

required

integer

vendor

required

string

vulcan_solution_id

required

string

Tags

• Solutions


GET /solutions/{vulcan_solution_id}/

Description

Returns the specified solution ID

Parameters

Type

Name

Schema

Path

vulcan_solution_id

required

string

Responses

HTTP Code

Schema

200

Response 200

Response 200

Name

Schema

affected_assets

required

integer

ansible_script

required

string

ci_ids

optional

< integer > array

critical_vulnerabilities

required

integer

description

required

string

favorite

required

boolean

high_vulnerabilities

required

integer

hosts

required

< object > array

id

required

integer

impact

required

string

instance_solution

required

boolean

instruction

required

string

new_supercede

required

boolean

os_version

required

string

packages

required

< object > array

product

required

< integer > array

publish_date

required

string

rank

required

integer

recommended

required

boolean

reference

required

string

reference_link

required

string

score

required

integer

score_asset_priority

required

string

score_assets_count

required

integer

score_vulnerability_cvss

required

integer

score_vulnerability_name

required

string

solution_type

required

string

source

required

string

src_base_names

required

< string > array

src_packages

required

< string > array

supercedce

required

< string > array

title

required

string

total_vulnerabilities

required

integer

update_date

required

string

vendor

required

string

vulcan_solution_id

required

string

vulnerabilities

required

< object > array

Tags

• Solutions


POST /tags/

Description

Create a new tag

Parameters

Type

Name

Schema

Body

data

required

data

data

Name

Description

Schema

biz_group

optional

boolean

name

optional

string

severity_score

optional

integer

tag_join_meth od

optional

Join method can be union or intersection

Default : "union"

string

tag_query

optional

tag_query

tag_query

Name

Schema

Specific Assets

optional

Specific Assets

Tags

optional

< integer > array

freeInput

optional

< string > array

saved_search_id

optional

< number > array

subnet

optional

< string > array

Specific Assets

Name

Schema

code_projects

optional

< number > array

hosts

optional

< number > array

repositories

optional

< number > array

websites

optional

< number > array

Responses

HTTP Code

Schema

200

Response 200

Response 200

Name

Description

Schema

biz_group

required

boolean

id

required

integer

name

required

string

native_impact

_name

required

string

native_severit y_score required

integer

saved_search

required

integer

severity_score

required

integer

tag_join_meth od

optional

Join method can be union or intersection

Default : "union"

string

tag_query

required

object

tag_type

required

string

Tags

• Tags


GET /tags/

Description

Get the list of tags. NOTE: If a tag retrieved contains assets that user' role does not have permission to view, it will not be returned.

Responses

HTTP Code

Schema

200

< Response 200 > array

Response 200

Name

Schema

biz_group

required

boolean

id

required

integer

name

required

string

tag_type

required

string

Tags

• Tags


GET /tags/{id}/

Description

Get the tag associated with the tag ID.

Parameters

Type

Name

Schema

Path

id

required

string

Responses

HTTP Code

Schema

200

Response 200

Response 200

Name

Schema

tag

required

tag_assets_count

required

tag_assets_count

total_count

required

total_count

tag

Name

Description

Schema

biz_group

optional

boolean

id

optional

integer

name

optional

string

native_impact

_name

optional

string

native_severit y_score optional

integer

saved_search

optional

integer

security_post ure_rating optional

string

severity_score

optional

integer

tag_join_meth od

optional

Join method can be union or intersection

Default : "union"

string

tag_query

optional

object

tag_type

optional

string

tag_assets_count

Name

Schema

cloud_resources_count

optional

integer

code_projects_count

optional

integer

hosts_count

optional

integer

repositories_count

optional

integer

websites_count

optional

integer

total_count

Name

Schema

cloud_resources_count

optional

integer

code_projects_count

optional

integer

hosts_count

optional

integer

repositories_count

optional

integer

websites_count

optional

integer

Tags

• Tags


PUT /tags/{id}/

Description

Update an existing tag

Parameters

Type

Name

Schema

Path

id

required

string

Body

data

required

data

data

Name

Description

Schema

biz_group

optional

boolean

name

optional

string

severity_score

optional

integer

tag_join_meth od

optional

Join method can be union or intersection

Default : "union"

string

tag_query

optional

tag_query

Name

Schema

Specific Assets

optional

Specific Assets

Tags

optional

< string > array

freeInput

optional

< string > array

saved_search_id

optional

< number > array

subnet

optional

< string > array

Specific Assets

Name

Schema

code_projects

optional

< number > array

hosts

optional

< number > array

repositories

optional

< number > array

websites

optional

< number > array

Responses

HTTP Code

Schema

200

Response 200

Response 200

Name

Description

Schema

biz_group

required

boolean

id

required

integer

name

required

string

native_impact

_name

required

string

native_severit y_score required

integer

saved_search

required

integer

severity_score

required

integer

tag_join_meth od

optional

Join method can be union or intersection

Default : "union"

string

tag_query

required

object

tag_type

required

string

Tags

• Tags


DELETE /tags/{id}/

Description

Delete the tag associated with the tag ID. Note - you can delete only Vulcan tags.

Parameters

Type

Name

Schema

Path

id

required

string

Responses

HTTP Code

Schema

202

string

Tags

• Tags


GET /vulcanreport/

Description

Return a list of all the VulcanReportConnector that exists in the system

Responses

HTTP Code

Schema

200

< Response 200 > array

Response 200

Name

Schema

id

required

integer

name

required

string

Tags

• Vulcan Report Connector


POST /vulcanreport/upload_report/{connector_id}/

Description

Upload a CSV file to a specific VulcanReportConnector ID.

PARAM: is_end_of_cycle - True (default; if this is the last file in the current sync).

False - if the current file is part of the same sync as the previous file.

After the sync cycle is done, all vulnerabilities from previous syncs that aren’t part of the last sync will be considered fixed.

Parameters

Type

Name

Schema

Path

connector_id

required

string

Body

data

required

data

data

Name

Schema

is_end_of_cycle

optional

boolean

Responses

HTTP Code

Schema

200

Response 200

Response 200

Name

Schema

failed_uploading

required

< failed_uploading > array

success_uploading

required

< success_uploading > array

failed_uploading

Name

Schema

file_id

optional

integer

file_name

optional

string

success_uploading

Name

Schema

file_id

optional

integer

file_name

optional

string

Tags

• Vulcan Report Connector


GET /vulcanreport/{connector_id}/files/

Description

Return a list of all the VulcanReportFile that exists in the specified connector

Parameters

Type

Name

Schema

Path

connector_id

required

string

Responses

HTTP Code

Schema

200

< Response 200 > array

Response 200

Name

Schema

connector_id

required

integer

Tags

• Vulcan Report Connector


DELETE /vulcanreport/{connector_id}/files/{file_id}

Description

Delete a specific file

Parameters

Type

Name

Schema

Path

connector_id

required

string

Path

file_id

required

string

Responses

HTTP Code

Schema

200

< Response 200 > array

Response 200

Name

Schema

connector_id

optional

integer

file_id

optional

integer

Tags

• Vulcan Report Connector


GET /vulcanreport/{connector_id}/status/

Description

Return all the names of the uploaded reports to a specific VulcanReportConnector ID with parsing status.

If status=parsed - return the number of records that were found in the report.

If not, indicate that status=parsing.

Parameters

Type

Name

Schema

Path

connector_id

required

string

Responses

HTTP Code

Schema

200

< Response 200 > array

Response 200

Name

Schema

report_hosts_count

required

integer

report_id

required

integer

report_vulnerabilities_count

required

integer

report_websites_count

required

integer

Tags

• Vulcan Report Connector


GET /vulcanreport/{connector_id}/status/{report_id}/

Description

Return information for a specific report in a VulcanReportConnector ID with parsing status. If status=Parsed - return the number of records that were found in the report. If not, indicate that status=Parsing.

Parameters

Type

Name

Schema

Path

connector_id

required

string

Path

report_id

required

string

Responses

HTTP Code

Schema

200

< Response 200 > array

Response 200

Name

Schema

report_hosts_count

required

integer

report_id

required

integer

report_vulnerabilities_count

required

integer

report_websites_count

required

integer

Tags

• Vulcan Report Connector


POST /vuln_tags/

Parameters

Type

Name

Schema

Body

data

required

data

data

Name

Schema

vuln_tag

optional

vuln_tag

vuln_tag

Name

Schema

color

optional

string

description

optional

string

name

optional

string

Responses

HTTP Code

Schema

201

Response 201

Response 201

Name

Schema

color

optional

string

description

optional

string

id

optional

integer

name

optional

string

Tags

• Vulnerability Tags


GET /vuln_tags/

Responses

HTTP Code

Schema

200

< Response 200 > array

Response 200

Name

Schema

color

optional

string

description

optional

string

id

optional

integer

name

optional

string

Tags

• Vulnerability Tags


POST /vuln_tags/attach_detach_vuln_tags/

Parameters

Type

Name

Schema

Body

data

required

data

Name

Schema

attach_tags

optional

< integer > array

detach_tags

optional

< integer > array

vuln_ids

optional

< integer > array

Tags

• Vulnerability Tags


POST /vuln_tags/vulns_tags_by_vuln_ids/

Parameters

Type

Name

Schema

Body

data

required

data

data

Name

Schema

vuln_ids

optional

< integer > array

Responses

HTTP Code

Schema

200

Response 200

Response 200

Name

Schema

common_tag_ids

required

< integer > array

tags

required

< tags > array

tags

Name

Schema

color

optional

string

description

optional

string

id

optional

integer

name

optional

string

Tags

• Vulnerability Tags


GET /vuln_tags/{id}/

Parameters

Type

Name

Schema

Path

id

required

string

Responses

HTTP Code

Schema

200

Response 200

Response 200

Name

Schema

color

optional

string

description

optional

string

id

optional

integer

name

optional

string

Tags

• Vulnerability Tags


PUT /vuln_tags/{id}/

Parameters

Type

Name

Schema

Path

id

required

string

Body

data

required

data

data

Name

Schema

color

optional

string

description

optional

string

name

optional

string

Responses

HTTP Code

Schema

201

Response 201

Response 201

Name

Schema

color

optional

string

description

optional

string

id

optional

integer

name

optional

string

Tags

• Vulnerability Tags


DELETE /vuln_tags/{id}/

Parameters

Type

Name

Schema

Path

id

required

string

Responses

HTTP Code

Schema

202

string

Tags

• Vulnerability Tags


PATCH /vuln_tags/{id}/

Parameters

Type

Name

Schema

Path

id

required

string

Body

data

required

data

data

Name

Schema

color

optional

string

description

optional

string

name

optional

string

Responses

HTTP Code

Schema

201

Response 201

Response 201

Name

Schema

color

optional

string

description

optional

string

id

optional

integer

name

optional

string

Tags

• Vulnerability Tags


POST /vulnerabilities/

Description

Returns all vulnerabilities for which you have access that match the given search criteria per the API rate limit.
Body example:

{"filters":{"threats":["Exploitable"],"operatingSystems":["Windows"],"priority":[1]},"sort_by":null,"sta rt_offset":null,"end_offset":null}

Parameters

Type

Name

Schema

Body

data

required

data

data

Name

Schema

biz_group_id

optional

integer

filters

optional

filters

sort_by

optional

object

filters

Name

Schema

Exclude Tags

optional

< string > array

Tags

optional

< string > array

assets_os_versions

optional

< string > array

assets_sources

optional

< string > array

cves

optional

< string > array

cvss_score

optional

< cvss_score > array

freeInput

optional

< string > array

operatingSystems

optional

< string > array

priority

optional

< number > array

qid

optional

< number > array

sccm_patchable

optional

< enum (Yes, No) > array

sla_status

optional

< enum (Any, Breaching) > array

tableStatus

optional

< enum (Pending, In progress, Fixed) > array

threats

optional

< string > array

vulcan_discovery_time

optional

< vulcan_discovery_time > array

vuln_sources

optional

< string > array

cvss_score

Name

Schema

op

optional

enum (lt, gt, eq, ge, le)

value

optional

number

vulcan_discovery_time

Name

Schema

op

optional

enum (lt, gt)

value

optional

number

Responses

HTTP Code

Schema

200

Response 200

Response 200

Name

Schema

all

required

< all > array

fixed

required

< fixed > array

ignored

required

< ignored > array

vulnerable

required

< vulnerable > array

all

Name

Schema

assets_count

required

integer

assets_count_by_os

required

< object > array

assets_os_versions

required

< string > array

first_seen

required

string

host_type

required

string

id

required

integer

last_seen

required

string

last_update

required

string

min_sla

required

integer

priority

required

integer

rank_score

required

number

sla_breaching_count

required

integer

status

required

string

tags

required

< integer > array

threats

required

< string > array

title

required

string

vulcan_discovery_time

required

string

vuln_sources

required

< string > array

was_read

required

boolean

fixed

Name

Schema

assets_count

required

integer

assets_count_by_os

required

< object > array

assets_os_versions

required

< string > array

first_seen

required

string

host_type

required

string

id

required

integer

last_seen

required

string

last_update

required

string

min_sla

required

integer

priority

required

integer

rank_score

required

number

sla_breaching_count

required

integer

status

required

string

tags

required

< integer > array

threats

required

< string > array

title

required

string

vulcan_discovery_time

required

string

vuln_sources

required

< string > array

was_read

required

boolean

ignored

Name

Schema

assets_count

required

integer

assets_count_by_os

required

< object > array

assets_os_versions

required

< string > array

first_seen

required

string

host_type

required

string

id

required

integer

last_seen

required

string

last_update

required

string

min_sla

required

integer

priority

required

integer

rank_score

required

number

sla_breaching_count

required

integer

status

required

string

tags

required

< integer > array

threats

required

< string > array

title

required

string

vulcan_discovery_time

required

string

vuln_sources

required

< string > array

was_read

required

boolean

vulnerable

Name

Schema

assets_count

required

integer

assets_count_by_os

required

< object > array

assets_os_versions

required

< string > array

first_seen

required

string

host_type

required

string

id

required

integer

last_seen

required

string

last_update

required

string

min_sla

required

integer

priority

required

integer

rank_score

required

number

sla_breaching_count

required

integer

status

required

string

tags

required

< integer > array

threats

required

< string > array

title

required

string

vulcan_discovery_time

required

string

vuln_sources

required

< string > array

was_read

required

boolean

Tags

• Vulnerabilities


POST /vulnerabilities/details/{vulnerability_id}/

Description

Get the specified vulnerability ID

Parameters

Type

Name

Schema

Path

vulnerability_id

required

string

Body

data

required

data

data

Name

Schema

category

optional

string

filters

optional

filters

omit_assets

optional

boolean

filters

Name

Schema

Exclude Tags

optional

< string > array

Tags

optional

< string > array

assets_os_versions

optional

< string > array

assets_sources

optional

< string > array

cves

optional

< string > array

cvss_score

optional

< cvss_score > array

freeInput

optional

< string > array

operatingSystems

optional

< string > array

priority

optional

< number > array

qid

optional

< number > array

sccm_patchable

optional

< enum (Yes, No) > array

sla_status

optional

< enum (Any, Breaching) > array

tableStatus

optional

< enum (Pending, In progress, Fixed) > array

threats

optional

< string > array

vulcan_discovery_time

optional

< vulcan_discovery_time > array

vuln_sources

optional

< string > array

cvss_score

Name

Schema

op

optional

enum (lt, gt, eq, ge, le)

value

optional

number

vulcan_discovery_time

Name

Schema

op

optional

enum (lt, gt)

value

optional

number

Responses

HTTP Code

Schema

200

Response 200

Response 200

Name

Schema

added_json

required

object

assets

required

< object > array

assets_count

required

integer

assets_count_by_category

required

assets_count_by_os

required

< object > array

assets_count_by_os_by_category

required

assets_os_versions

required

< string > array

assets_os_versions_by_category

required

assets_sources

required

< string > array

assets_sources_by_category

required

audit_data

required

< audit_data > array

code_projects

required

< object > array

containers

required

< object > array

cpes

required

< string > array

cves

required

< string > array

cvss_score

required

number

cwe_labels

required

< object > array

cwes

required

< string > array

description

required

string

first_seen

required

string

first_seen_by_category

required

fixes

required

< object > array

host_type

required

string

hosts_count

required

integer

hosts_count_by_os

required

hosts_count_by_status

required

object

id

required

integer

ignored_status_until

required

object

impact

required

string

last_seen

required

string

last_seen_by_category

required

last_update

required

string

last_update_by_category

required

min_sla

required

integer

modified_date

required

string

note

required

object

priority

required

integer

published_date

required

string

rank_score

required

number

repositories

required

< object > array

sla_breaching_count

required

integer

sla_breaching_count_by_category

required

solutions

required

< object > array

sources

required

< string > array

status

required

string

status_changed_by_user_action

required

boolean

status_date

required

string

status_timestamp

required

string

tags

required

< integer > array

tags_by_category

required

tags_count_by_severity_score

required

threat_data

required

object

threats

required

title

required

string

total_assets_count_in_system

required

integer

vulcan_discovery_time

required

string

vuln_packages

required

< string > array

vuln_sources

required

< string > array

vuln_vendor

required

< string > array

vv_id

required

string

was_read

required

boolean

websites

required

< object > array

assets_count_by_category

Name

Schema

all

optional

integer

fixed

optional

integer

ignored

optional

integer

vulnerable

optional

integer

assets_count_by_os_by_category

Name

Schema

all

optional

< all > array

fixed

optional

< fixed > array

ignored

optional

< ignored > array

vulnerable

optional

< vulnerable > array

all

Name

Schema

count

optional

integer

os_type

optional

string

fixed

Name

Schema

count

optional

integer

os_type

optional

string

ignored

Name

Schema

count

optional

integer

os_type

optional

string

vulnerable

Name

Schema

count

optional

integer

os_type

optional

string

assets_os_versions_by_category

Name

Schema

all

optional

< string > array

fixed

optional

< string > array

ignored

optional

< string > array

vulnerable

optional

< string > array

assets_sources_by_category

Name

Schema

all

optional

< string > array

fixed

optional

< string > array

ignored

optional

< string > array

vulnerable

optional

< string > array

audit_data

Name

Schema

audit_type

optional

string

created_date

optional

string

id

optional

integer

text

optional

string

title

optional

string

vulcan_host

optional

object

first_seen_by_category

Name

Schema

all

optional

string

fixed

optional

string

ignored

optional

string

vulnerable

optional

string

hosts_count_by_os

Name

Schema

count

optional

integer

os_type

optional

string

last_seen_by_category

Name

Schema

all

optional

string

fixed

optional

string

ignored

optional

string

vulnerable

optional

string

last_update_by_category

Name

Schema

all

optional

string

fixed

optional

string

ignored

optional

string

vulnerable

optional

string

sla_breaching_count_by_category

Name

Schema

all

optional

integer

fixed

optional

integer

ignored

optional

integer

vulnerable

optional

integer

tags_by_category

Name

Schema

all

optional

< integer > array

fixed

optional

< integer > array

ignored

optional

< integer > array

vulnerable

optional

< integer > array

tags_count_by_severity_score

Name

Schema

count

optional

integer

severity_score

optional

integer

tag_ids

optional

< integer > array

threats

Name

Schema

attack_vector

optional

< string > array

exploitablity

optional

< string > array

Tags

• Vulnerabilities


Checkmarx Specific

GET /connectors/checkmarx/

Responses

HTTP Code

Schema

200

Response 200

Response 200

Name

Schema

available_result_states

optional

< string > array

connectors

optional

< connectors > array

connectors

Name

Schema

id

required

integer

name

required

string

result_states

required

< string > array

Tags

• Checkmarx Connector

PATCH /connectors/checkmarx/{connector_id}/result_states

Parameters

Type

Name

Schema

Path

connector_id

required

string

Body

data

required

< string > array

Responses

HTTP Code

Schema

200

< string > array

400

Response 400

Response 400

Name

Schema

error

optional

string

Tags

• Checkmarx Connector

Did this answer your question?