Bitsight

the bitsight connector allows users to access detailed security performance insights and ratings for various organizations directly through the swimlane platform bitsight provides comprehensive security ratings and detailed insights into organizational security performance with the swimlane turbine bitsight connector, users can effortlessly retrieve detailed security issue insights for specified organizations, leveraging entity guids to enhance threat analysis and risk management this integration empowers end users to prioritize risks effectively, streamline remediation efforts, and bolster their overall security posture without the need for complex coding limitations none to date supported versions this bitsight connector uses the version 1 api additional docs bitsight authentication link https //help bitsighttech com/hc/en us/articles/115014888388 api token managementbitsight api documentation link https //help bitsighttech com/hc/en us/articles/231872628 api documentation overview configuration prerequisites to effectively utilize the bitsight connector for swimlane turbine, ensure you have the following api key authentication with the necessary parameters url endpoint for the bitsight api api token your unique identifier to authenticate with the bitsight platform authentication methods api key authentication url the endpoint url for the bitsight api api token your unique identifier to authenticate with the bitsight api setup instructions generating a token to generate a token, determine the token type and navigate to the user preferences page settings ➔ account ➔ user preferences generating a user api token in the user api token section, select generate new token generate a new user token as needed, especially if you suspect your token has been compromised note generating a new user token will replace and invalidate the previous token generating a company api token only admins and vrm admins can generate a company api token refer to user permissions for more details in the company api token section, enter a description for the token in the new token field, specifying its purpose select generate, then copy the generated token and store it securely the company api token is displayed only once for security purposes capabilities this bitsight connector provides the following capabilities companies finding details companies finding details retrieve detailed findings for an organization in bitsight, providing insights into specific security issues get an organization’s finding details this includes the finding details of risk types that affect or will affect security ratings; compromised systems, diligence (except domain squatting), and user behavior (file sharing) this does not include domain squatting and public disclosures (security incidents and other disclosures), as their findings cannot be queried via the api bitsight's documentation for this action can be found here https //help bitsighttech com/hc/en us/articles/360022913734 get finding details configurations bitsight api key authentication authenticates using an api key configuration parameters parameter description type required url a url to the target host string required api token a unique api token used to access the bitsight api securely string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional actions companies finding details retrieve detailed insights on security issues for a specified organization in bitsight using the entity guid endpoint url /ratings/v1/companies/{{entity guid}}/findings method get input argument name type required description entity guid string required unique identifier for the company identify the company to query portfolio company’s unique identifier \[entity guid] see get portfolio details( https //help bitsighttech com/hc/en us/articles/360055740193 get portfolio details https //help bitsighttech com/hc/en us/articles/360055740193 get portfolio details ) fields string optional comma separated field names field names are the names of the fields in the response object the order of the specific fields might not be reflected in the response format string optional set the format of the response data example json limit number optional set the maximum number of results the results might include fewer records (even zero), but not more if not set, the default number of results can vary depending on the endpoint offset number optional set the starting point of the return a 0 (zero) value starts the results from the first record in the result set q string optional perform a full text search for matching records on all searchable fields sort string optional sort the response objects in alphabetical order field name to sort in descending order, place a minus sign ( ) immediately before the field name example 'field 1, field 2' first sorts by ascending field 1, and then by descending field 2 next string optional the link to navigate to the next page of the results previous string optional the link to navigate to the previous page of the results risk category string optional to get details on specific risk categories, use the risk category parameter along with the following comma separated values compromised systems, diligence, user behavior risk vector string optional to get details on specific risk vectors, use the risk vector parameter along with the following comma separated values affects rating boolean optional filter by findings that have an impact on the letter grade true = include only the findings that have an impact on the letter grade affects rating details string optional filter the result by the value of does not affect rating reason values may be used in combination affects rating affects the risk vector grade lifetime expired does not affect the risk vector grade because the finding has reached the end of its lifetime assets asset string optional filter by asset domain, ip address assets category string optional filter by asset importance see asset importance( https //help bitsighttech com/hc/en us/articles/360060231753 api fields asset importance https //help bitsighttech com/hc/en us/articles/360060231753 api fields asset importance ) assets combined importance string optional filter by combined asset importance comma separated asset importance( https //help bitsighttech com/hc/en us/articles/360060231753 api fields asset importance https //help bitsighttech com/hc/en us/articles/360060231753 api fields asset importance ) assets hosted by string optional filter by the hosting provider hosting provider’s unique identifier \[entity guid] see get portfolio details( https //help bitsighttech com/hc/en us/articles/360055740193 get portfolio details https //help bitsighttech com/hc/en us/articles/360055740193 get portfolio details ) attributed companies guid array optional filter by companies in your ratings tree that are attributed to the finding comma separated my company or my subsidiary unique identifiers \[entity guid] see get portfolio details( https //help bitsighttech com/hc/en us/articles/360055740193 get portfolio details https //help bitsighttech com/hc/en us/articles/360055740193 get portfolio details ) attributed companies name array optional filter by companies in your ratings tree that are attributed to the finding comma separated company names details cvss base gte number optional include findings with vulnerabilities with a cvss score greater than or equal to this value valid range 1 to 10 details cvss base lte number optional include findings with vulnerabilities with a cvss score less than or equal to this value valid range 1 to 10 details grade string optional filter by diligence finding grade or n/a for compromised systems and user behavior findings incompatible with grade lt and grade gt details grade gt string optional include a range from the selected diligence finding grade to good incompatible with grade details grade lt string optional include a range from the selected diligence finding grade to bad details infection family string optional filter by infections comma separated infection names output parameter type description status code number http status code of the response reason string response reason phrase links object output field links previous object output field previous next object output field next count number count value results array result of the operation temporary id string unique identifier affects rating boolean output field affects rating assets array output field assets asset string output field asset identifier object unique identifier category string output field category importance number output field importance is ip boolean output field is ip asset type string type of the resource is monitored boolean output field is monitored details object output field details cvss object output field cvss base array output field base check pass string output field check pass evidence key string unique identifier first seen string output field first seen last seen string output field last seen related findings array output field related findings example \[ { "status code" 200, "response headers" { "content type" "application/json", "date" "thu, 01 jan 2024 00 00 00 gmt" }, "reason" "ok", "json body" { "links" {}, "count" 123, "results" \[] } } ] response headers header description example content type the media type of the resource application/json date the date and time at which the message was originated thu, 01 jan 2024 00 00 00 gmt