Findings API

Manage vulnerability findings detected during scans.

Endpoints

| Method | Endpoint | Description |
|---|---|---|
| GET | /api/v1/findings | List all findings |
| GET | /api/v1/findings/{id} | Get details of a finding |
| PATCH | /api/v1/findings/{id} | Update a finding's status |
| POST | /api/v1/findings/{id}/comments | Add a comment |
| GET | /api/v1/findings/stats | Get finding statistics |

List findings

Retrieve all vulnerability findings.
```bash
GET /api/v1/findings
```

Query parameters

| Parameter | Type | Description |
|---|---|---|
| page | integer | Page number (default: 1) |
| per_page | integer | Items per page (default: 20, max: 100) |
| severity | string | Filter: critical, high, medium, low, info |
| status | string | Filter: open, in_progress, resolved, false_positive, accepted |
| scan_id | string | Filter by scan |
| target | string | Filter by target domain |
| tool | string | Filter by detection tool |
| cve | string | Filter by CVE identifier |
| sort | string | Sort by: severity, created_at, cvss_score |
| order | string | Sort order: asc, desc |

Response
```json
{
  "items": [
    {
      "id": "finding_abc123",
      "title": "Remote Code Execution via Deserialization",
      "severity": "critical",
      "status": "open",
      "cvss_score": 9.8,
      "epss_score": 0.85,
      "target": "example.com",
      "affected_component": "https://example.com/api/upload",
      "tool": "nuclei",
      "template_id": "CVE-2024-1234",
      "cve_ids": ["CVE-2024-1234"],
      "cwe_ids": ["CWE-502"],
      "scan_id": "scan_xyz789",
      "detected_at": "2025-12-21T10:30:00Z",
      "frameworks": ["SOC 2", "PCI-DSS"]
    }
  ],
  "total": 156,
  "page": 1,
  "per_page": 20,
  "pages": 8
}
```

Get finding details

Retrieve the full details of a finding.

```bash
GET /api/v1/findings/{finding_id}
```

Response
```json
{
  "id": "finding_abc123",
  "title": "Remote Code Execution via Deserialization",
  "severity": "critical",
  "status": "open",
  "cvss_score": 9.8,
  "cvss_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
  "epss_score": 0.85,
  "target": "example.com",
  "affected_component": "https://example.com/api/upload",
  "description": "The application deserializes untrusted data without validation, allowing remote code execution...",
  "impact": "An attacker can execute arbitrary code on the server, potentially gaining full system access...",
  "remediation": {
    "summary": "Avoid deserializing untrusted data. If necessary, use allowlists for permitted classes.",
    "steps": [
      "Update the serialization library to the latest version",
      "Implement input validation before deserialization",
      "Use secure deserialization patterns"
    ],
    "code_example": "// Example secure deserialization...",
    "references": [
      "https://owasp.org/www-project-web-security-testing-guide/"
    ]
  },
  "evidence": {
    "request": "POST /api/upload HTTP/1.1...",
    "response": "HTTP/1.1 500 Internal Server Error...",
    "screenshot_url": null
  },
  "tool": "nuclei",
  "template_id": "CVE-2024-1234",
  "cve_ids": ["CVE-2024-1234"],
  "cwe_ids": ["CWE-502"],
  "scan_id": "scan_xyz789",
  "detected_at": "2025-12-21T10:30:00Z",
  "frameworks": [
    {
      "name": "SOC 2",
      "controls": ["CC6.1", "CC7.1"]
    },
    {
      "name": "PCI-DSS",
      "controls": ["6.5.1", "11.3"]
    }
  ],
  "comments": [
    {
      "id": "comment_123",
      "user": "[email protected]",
      "text": "Assigned to security team for immediate review",
      "created_at": "2025-12-21T11:00:00Z"
    }
  ],
  "history": [
    {
      "action": "status_changed",
      "from": null,
      "to": "open",
      "user": "system",
      "timestamp": "2025-12-21T10:30:00Z"
    }
  ]
}
```

Update a finding

Update the status or properties of a finding.

```bash
PATCH /api/v1/findings/{finding_id}
Content-Type: application/json
```

Request body
```json
{
  "status": "in_progress",
  "assignee": "[email protected]",
  "priority": "high",
  "due_date": "2025-12-28T00:00:00Z",
  "notes": "Escalated to development team"
}
```

Valid status values

| Status | Description |
|---|---|
| open | The finding has not been addressed |
| in_progress | Remediation in progress |
| resolved | The finding has been fixed |
| false_positive | Not a valid finding |
| accepted | Risk accepted, no remediation planned |

Response
```json
{
  "id": "finding_abc123",
  "status": "in_progress",
  "assignee": "[email protected]",
  "updated_at": "2025-12-21T12:00:00Z"
}
```

Add a comment

Add a comment to a finding.

```bash
POST /api/v1/findings/{finding_id}/comments
Content-Type: application/json
```

Request body
```json
{
  "text": "Verified the vulnerability. Working on patch."
}
```

Response

```json
{
  "id": "comment_456",
  "finding_id": "finding_abc123",
  "user": "[email protected]",
  "text": "Verified the vulnerability. Working on patch.",
  "created_at": "2025-12-21T12:30:00Z"
}
```

Finding statistics

Get aggregated statistics for findings.

```bash
GET /api/v1/findings/stats
```

Query parameters
| Parameter | Type | Description |
|---|---|---|
| from_date | string | Start date (ISO 8601) |
| to_date | string | End date (ISO 8601) |
| target | string | Filter by target |

Response
```json
{
  "total": 156,
  "by_severity": {
    "critical": 5,
    "high": 23,
    "medium": 67,
    "low": 45,
    "info": 16
  },
  "by_status": {
    "open": 89,
    "in_progress": 34,
    "resolved": 28,
    "false_positive": 3,
    "accepted": 2
  },
  "by_tool": {
    "nuclei": 89,
    "sqlmap": 12,
    "semgrep": 34,
    "trivy": 21
  },
  "trends": {
    "new_this_week": 23,
    "resolved_this_week": 18,
    "average_resolution_days": 7.5
  }
}
```

Bulk operations

Bulk status update

```bash
POST /api/v1/findings/bulk
Content-Type: application/json

{
  "finding_ids": ["finding_123", "finding_456", "finding_789"],
  "update": {
    "status": "false_positive",
    "notes": "Verified not exploitable in this context"
  }
}
```

Export findings

```bash
GET /api/v1/findings/export?format=csv
```

Supported formats: csv, json, pdf

AI analysis

All plans

AI-powered analysis is available on all plans (quota limits apply).

Get AI-generated remediation guidance:

```bash
GET /api/v1/findings/{finding_id}/ai-analysis
```

Response
```json
{
  "finding_id": "finding_abc123",
  "ai_analysis": {
    "risk_assessment": "This vulnerability poses critical risk due to...",
    "attack_scenarios": [
      "An attacker could exploit this by...",
      "Combined with other findings, this enables..."
    ],
    "remediation_priority": "immediate",
    "recommended_actions": [
      "Apply the latest security patch",
      "Implement WAF rules to block exploit attempts",
      "Enable monitoring for suspicious activity"
    ],
    "automation_available": true,
    "ansible_playbook_id": "playbook_remediate_rce"
  },
  "ai_credits_used": 1
}
```
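
The Python sketch below is an added example, not part of this API's documentation or client code. It walks the list endpoint's `page`/`pages` pagination, checks `severity` and `status` against the documented values, and builds a bulk-update body for open critical findings whose `epss_score` meets a threshold. The transport (`fake_fetch_page`), the sample findings and the 0.5 threshold are assumptions made for the example.

```python
from typing import Callable, Iterator

# Allowed values copied from the parameter and status tables on this page.
SEVERITIES = {"critical", "high", "medium", "low", "info"}
STATUSES = {"open", "in_progress", "resolved", "false_positive", "accepted"}
MAX_PER_PAGE = 100

def build_query(page: int = 1, per_page: int = MAX_PER_PAGE, **filters) -> dict:
    """Reject values the API does not document before they are sent."""
    if not 1 <= per_page <= MAX_PER_PAGE:
        raise ValueError(f"per_page must be 1..{MAX_PER_PAGE}")
    for key, allowed in (("severity", SEVERITIES), ("status", STATUSES)):
        if key in filters and filters[key] not in allowed:
            raise ValueError(f"unknown {key}: {filters[key]!r}")
    return {"page": page, "per_page": per_page, **filters}

def iter_findings(fetch_page: Callable[[dict], dict], **filters) -> Iterator[dict]:
    """Yield every finding, advancing `page` until the response's `pages`."""
    page = 1
    while True:
        body = fetch_page(build_query(page=page, **filters))
        yield from body["items"]
        if not body["items"] or page >= body["pages"]:
            return
        page += 1

def bulk_update_body(finding_ids, status: str, notes: str) -> dict:
    """Build the POST /api/v1/findings/bulk body; unknown statuses are refused."""
    if status not in STATUSES:
        raise ValueError(f"unknown status: {status!r}")
    return {"finding_ids": list(finding_ids), "update": {"status": status, "notes": notes}}

def escalate_likely_exploited(fetch_page, min_epss=0.5, per_page=MAX_PER_PAGE) -> dict:
    """Bulk body moving open criticals with epss_score >= min_epss to in_progress."""
    found = iter_findings(fetch_page, per_page=per_page, severity="critical", status="open")
    hits = [f["id"] for f in found if f["epss_score"] >= min_epss]
    return bulk_update_body(hits, "in_progress", f"EPSS >= {min_epss}, prioritised")

# Constructed sample data standing in for the API (not real scan output).
SAMPLE = [{"id": "finding_1", "severity": "critical", "status": "open", "epss_score": 0.85},
          {"id": "finding_2", "severity": "critical", "status": "open", "epss_score": 0.02},
          {"id": "finding_3", "severity": "critical", "status": "open", "epss_score": 0.61}]

def fake_fetch_page(params: dict) -> dict:
    """Hypothetical transport: pages through SAMPLE like the list response does."""
    start = (params["page"] - 1) * params["per_page"]
    pages = -(-len(SAMPLE) // params["per_page"])  # ceiling division
    return {"items": SAMPLE[start:start + params["per_page"]], "total": len(SAMPLE),
            "page": params["page"], "per_page": params["per_page"], "pages": pages}
```

In real use, replace `fake_fetch_page` with a function that sends the returned parameters to `GET /api/v1/findings` and returns the decoded JSON body.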