Bitsight

the bitsight connector allows users to access detailed security performance insights and ratings for various organizations directly through the swimlane platform bitsight provides comprehensive security ratings and detailed insights into organizational security performance with the swimlane turbine bitsight connector, users can effortlessly retrieve detailed security issue insights for specified organizations, leveraging entity guids to enhance threat analysis and risk management this integration empowers end users to prioritize risks effectively, streamline remediation efforts, and bolster their overall security posture without the need for complex coding limitations none to date supported versions this bitsight connector uses the version 1 api additional docs https //help bitsighttech com/hc/en us/articles/115014888388 api token management https //help bitsighttech com/hc/en us/articles/231872628 api documentation overview configuration prerequisites to effectively utilize the bitsight connector for swimlane turbine, ensure you have the following api key authentication with the necessary parameters url endpoint for the bitsight api api token your unique identifier to authenticate with the bitsight platform authentication methods api key authentication url the endpoint url for the bitsight api api token your unique identifier to authenticate with the bitsight api setup instructions generating a token to generate a token, determine the token type and navigate to the user preferences page settings ➔ account ➔ user preferences generating a user api token in the user api token section, select generate new token generate a new user token as needed, especially if you suspect your token has been compromised note generating a new user token will replace and invalidate the previous token generating a company api token only admins and vrm admins can generate a company api token refer to user permissions for more details in the company api token section, enter a description for the token in the new token field, specifying its purpose select generate, then copy the generated token and store it securely the company api token is displayed only once for security purposes capabilities this bitsight connector provides the following capabilities companies finding details companies finding details retrieve detailed findings for an organization in bitsight, providing insights into specific security issues get an organization’s finding details this includes the finding details of risk types that affect or will affect security ratings; compromised systems, diligence (except domain squatting), and user behavior (file sharing) this does not include domain squatting and public disclosures (security incidents and other disclosures), as their findings cannot be queried via the api bitsight's documentation for this action can be found https //help bitsighttech com/hc/en us/articles/360022913734 get finding details configurations bitsight api key authentication authenticates using an api key configuration parameters parameter description type required url a url to the target host string required api token a unique api token used to access the bitsight api securely string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional actions companies finding details retrieve detailed insights on security issues for a specified organization in bitsight using the entity guid endpoint url /ratings/v1/companies/{{entity guid}}/findings method get input argument name type required description path parameters entity guid string required unique identifier for the company identify the company to query portfolio company’s unique identifier \[entity guid] see get portfolio details( https //help bitsighttech com/hc/en us/articles/360055740193 get portfolio details ) parameters fields string optional comma separated field names field names are the names of the fields in the response object the order of the specific fields might not be reflected in the response parameters format string optional set the format of the response data example json parameters limit number optional set the maximum number of results the results might include fewer records (even zero), but not more if not set, the default number of results can vary depending on the endpoint parameters offset number optional set the starting point of the return a 0 (zero) value starts the results from the first record in the result set parameters q string optional perform a full text search for matching records on all searchable fields parameters sort string optional sort the response objects in alphabetical order field name to sort in descending order, place a minus sign ( ) immediately before the field name example 'field 1, field 2' first sorts by ascending field 1, and then by descending field 2 parameters next string optional the link to navigate to the next page of the results parameters previous string optional the link to navigate to the previous page of the results parameters risk category string optional to get details on specific risk categories, use the risk category parameter along with the following comma separated values compromised systems, diligence, user behavior parameters risk vector string optional to get details on specific risk vectors, use the risk vector parameter along with the following comma separated values parameters affects rating boolean optional filter by findings that have an impact on the letter grade true = include only the findings that have an impact on the letter grade parameters affects rating details string optional filter the result by the value of does not affect rating reason values may be used in combination affects rating affects the risk vector grade lifetime expired does not affect the risk vector grade because the finding has reached the end of its lifetime parameters assets asset string optional filter by asset domain, ip address parameters assets category string optional filter by asset importance see asset importance( https //help bitsighttech com/hc/en us/articles/360060231753 api fields asset importance ) parameters assets combined importance string optional filter by combined asset importance comma separated asset importance( https //help bitsighttech com/hc/en us/articles/360060231753 api fields asset importance ) parameters assets hosted by string optional filter by the hosting provider hosting provider’s unique identifier \[entity guid] see get portfolio details( https //help bitsighttech com/hc/en us/articles/360055740193 get portfolio details ) parameters attributed companies guid array optional filter by companies in your ratings tree that are attributed to the finding comma separated my company or my subsidiary unique identifiers \[entity guid] see get portfolio details( https //help bitsighttech com/hc/en us/articles/360055740193 get portfolio details ) parameters attributed companies name array optional filter by companies in your ratings tree that are attributed to the finding comma separated company names parameters details cvss base gte number optional include findings with vulnerabilities with a cvss score greater than or equal to this value valid range 1 to 10 parameters details cvss base lte number optional include findings with vulnerabilities with a cvss score less than or equal to this value valid range 1 to 10 parameters details grade string optional filter by diligence finding grade or n/a for compromised systems and user behavior findings incompatible with grade lt and grade gt parameters details grade gt string optional include a range from the selected diligence finding grade to good incompatible with grade parameters details grade lt string optional include a range from the selected diligence finding grade to bad parameters details infection family string optional filter by infections comma separated infection names input example {"parameters" {"fields" "affects rating","format" "json","limit" 100,"offset" 100,"q" "","sort" "affects rating","next" "","previous" "","risk category" "diligence","risk vector" "open ports","affects rating"\ true,"affects rating details" "affects rating","assets asset" "11 111 111 111","assets category" "high","assets combined importance" "0 09","assets hosted by" "","attributed companies guid" \[""],"attributed companies name" \[""],"details cvss base gte" 1,"details cvss base lte" 1,"details grade" "good","details grade gt" "neutral","details grade lt" "good","details infection family" "gamarue","details observed ips contains" "","details vulnerabilities severity" "minor","evidence key" "11 111 111 111 23","expand" "tag details","first seen" "2025 02 04","first seen gt" "2025 02 04","first seen gte" "2025 02 04","first seen lt" "2025 02 04","first seen lte" "2025 02 04","guid" "4f99d64c c3d8 4e08 b346 14f042e97116","last remediation status date" "2025 02 04","last remediation status date gt" "2025 02 04","last remediation status date gte" "2025 02 04","last remediation status date lt" "2025 02 04","last remediation status date lte" "2025 02 04","last remediation status label" "open","last seen" "2025 02 04","last seen gt" "2025 02 04","last seen gte" "2025 02 04","last seen lt" "2025 02 04","last seen lte" "2025 02 04","remediation assignments" "4f99d64c c3d8 4e08 b346 14f042e97116","risk vector label" "open ports","severity" 3 9,"severity gt" 2 3,"severity gte" 3 4,"severity lt" 4 1,"severity lte" 5 1,"severity category" 2 5,"tags contains" "saperix com","unsampled"\ false,"vulnerabilities" "","count" 1,"next url" ""},"path parameters" {"entity guid" "a9jq47bbjea129322347d12e29c54b488752b3b71e"}} output parameter type description status code number http status code of the response reason string response reason phrase links object output field links links previous object output field links previous links next object output field links next count number count value results array result of the operation results temporary id string unique identifier results affects rating boolean result of the operation results assets array result of the operation results assets asset string result of the operation results assets identifier object unique identifier results assets category string result of the operation results assets importance number result of the operation results assets is ip boolean result of the operation results assets asset type string type of the resource results assets is monitored boolean result of the operation results details object result of the operation results details cvss object result of the operation results details cvss base array result of the operation results details check pass string result of the operation results details evidence key string unique identifier results details first seen string result of the operation results details last seen string result of the operation results details related findings array result of the operation output example {"links" {"previous" {},"next" {}},"count" 123,"results" \[{"temporary id" "string","affects rating"\ true,"assets" \[],"details" {}}]} response headers header description example content type the media type of the resource application/json date the date and time at which the message was originated thu, 01 jan 2024 00 00 00 gmt