Generates a JWT from an API Key
The API Key to generate a token for
| apiKey required | string |
{- "apiKey": "string"
}{- "message": "string",
- "response": {
- "token": "string"
}
}Retrieves summary info for all business units for the authenticated token
{- "message": "string",
- "response": {
- "businessUnits": [
- {
- "businessUnitId": "kwZhJvbywXQQnImPQ6Cz",
- "name": "My Business Unit",
- "businessUnits": [
- {
- "businessUnitId": "abCdEfghiJIIzMmCD3Ez",
- "name": "My Business Unit"
}
]
}
]
}
}Retrieves the details for a specific business unit
| businessUnitId required | string The ID of the business unit |
{- "message": "string",
- "response": {
- "businessUnitId": "kwZhJvbywXQQnImPQ6Cz",
- "name": "My Business Unit",
- "businessUnits": [
- {
- "businessUnitId": "abCdEfghiJIIzMmCD3Ez",
- "name": "My Business Unit"
}
]
}
}Retrieves summaries of the assessments for a business unit
| businessUnitId required | string The ID of the business unit |
{- "message": "string",
- "response": {
- "assessments": [
- {
- "businessUnitId": "kwZhJvbywXQQnImPQ6Cz",
- "businessUnitName": "My Business Unit 1",
- "assessmentId": "abCdEfghiJIIzMmCD3Ez",
- "assessmentName": "My Assessment 1",
- "assessments": [
- {
- "businessUnitId": "abCdEfghiJIIzMmCD3Ez",
- "businessUnitName": "My Business Unit 2",
- "assessmentId": "deFGEfghxYZZzMmCD3Ez",
- "assessmentName": "My Assessment 2",
- "assessmentTypeId": "abCdEfghiJIIzMmCD3Ez"
}
]
}
]
}
}Adds a new assessment to a business unit
| businessUnitId required | string The ID of the business unit to add the assessment to |
The assessment data to create an assessment with. Note that dates need to be formatted exactly as the example shows.
required | object |
{- "assessment": {
- "assessmentName": "string",
- "assessmentTypeId": "string",
- "startDate": "2025-01-01T19:53:17.473382900Z",
- "dueDate": "2025-03-01T19:53:17.473382900Z",
- "notificationsOn": true
}
}{- "message": "string"
}Retrieves details of an assessment in a business unit
| businessUnitId required | string The ID of the business unit |
| assessmentId required | string The ID of the assessment to retrieve details of |
{- "message": "string",
- "response": {
- "assessmentId": "kwZhJvbywXQQnImPQ6Cz",
- "assessmentName": "My Assessment",
- "version": "1.0",
- "assessmentTypeId": "abCdEfghiJIIzMmCD3Ez",
- "subAssessments": [
- {
- "assessmentId": "abCdEfghiJIIzMmCD3Ez",
- "businessUnitId": "abCdEfghiJIIzMmCD3Ez"
}
]
}
}Get evidences for an assessment
| businessUnitId required | string The ID of the business unit |
| assessmentId required | string The ID of the assessment |
{- "message": "string",
- "response": {
- "evidences": [
- {
- "id": "string",
- "aspectId": "string",
- "title": "string",
- "url": "string",
- "createdBy": "string",
- "createdAt": "string",
- "archivedBy": "string",
- "archivedAt": "string"
}
]
}
}Saves evidences on an assessment
| businessUnitId required | string The ID of the business unit |
| assessmentId required | string The ID of the assessment |
The list of evidences to save to the assessment.
required | Array of objects (saveEvidenceRequest) |
{- "evidences": [
- {
- "aspectId": "string",
- "title": "string",
- "url": "string"
}
]
}{- "message": "string"
}Archives evidences on an assessment
| businessUnitId required | string The ID of the business unit |
| assessmentId required | string The ID of the assessment |
The list of evidence ids to archive on the assessment.
required | Array of objects (archiveEvidenceRequest) |
{- "evidences": [
- {
- "id": "string"
}
]
}{- "message": "string"
}Gets findings on an assessment
| businessUnitId required | string The ID of the business unit |
| assessmentId required | string The ID of the assessment |
{- "message": "string",
- "response": {
- "findings": [
- {
- "aspectId": "string",
- "value": "string",
- "modifiedBy": "string",
- "modifiedAt": "string"
}
]
}
}Saves findings on an assessment
| businessUnitId required | string The ID of the business unit |
| assessmentId required | string The ID of the assessment |
The list of findings to save to the assessment. Duplicate aspectIds between findings are not allowed.
required | Array of objects (saveAspectTextMetadataRequest) |
{- "findings": [
- {
- "aspectId": "string",
- "value": "string"
}
]
}{- "message": "string"
}Gets notes on an assessment
| businessUnitId required | string The ID of the business unit |
| assessmentId required | string The ID of the assessment |
{- "message": "string",
- "response": {
- "notes": [
- {
- "aspectId": "string",
- "value": "string",
- "modifiedBy": "string",
- "modifiedAt": "string"
}
]
}
}Saves notes on an assessment
| businessUnitId required | string The ID of the business unit |
| assessmentId required | string The ID of the assessment |
The list of notes to save to the assessment. Duplicate aspectIds between notes are not allowed.
required | Array of objects (saveAspectTextMetadataRequest) |
{- "notes": [
- {
- "aspectId": "string",
- "value": "string"
}
]
}{- "message": "string"
}Retrieves the assessment profiles for a business unit
| businessUnitId required | string The ID of the business unit |
| assessmentId required | string The ID of the assessment |
{- "message": "string",
- "response": {
- "profiles": [
- {
- "profileId": "string",
- "subcategories": [
- "string"
]
}
], - "assessmentTypeId": "string",
- "businessUnitId": "string",
- "assessmentId": "string"
}
}Retrieves the results for an assessment
| businessUnitId required | string The ID of the business unit |
| assessmentId required | string The ID of the assessment |
| profileId | string The ID of the profile to retrieve scores for |
{- "message": "string",
- "response": {
- "businessUnitId": "string",
- "assessmentId": "string",
- "assessmentTypeId": "string",
- "scoreLabels": [
- {
- "subId": "string",
- "abbr": "string",
- "name": "string"
}
], - "targetLabels": [
- {
- "subId": "string",
- "abbr": "string",
- "name": "string"
}
], - "profileId": "string",
- "scores": [
- {
- "itemId": "string",
- "aspectPercentDone": 0,
- "aspectTotalAnswerCount": 0,
- "aspectTotalCount": 0,
- "percentDone": 0,
- "percentOfTarget": 0,
- "questionCount": 0,
- "score": 0,
- "subs": [
- {
- "subId": "string",
- "answerCount": 0,
- "percentDone": 0,
- "percentOfTarget": 0,
- "questionCount": 0,
- "score": 0,
- "target": 0,
- "weight": 0,
- "weightLabel": "string"
}
], - "target": 0,
- "weight": 0,
- "weightLabel": "string"
}
], - "ignoredQuestions": [
- "string"
]
}
}Save scores on as assessment
| businessUnitId required | string The ID of the business unit that owns the assessment |
| assessmentId required | string The ID of the assessment to save scores on |
The list of scores to save to the assessment. Either "score" or "unknown" is required on each score, but both cannot be provided on a single score.
required | Array of objects (saveScoreRequest) |
{- "scores": [
- {
- "aspectId": "string",
- "score": 0,
- "unknown": true
}
]
}{- "message": "string"
}Save targets on an assessment
| businessUnitId required | string The ID of the business unit that owns the assessment |
| assessmentId required | string The ID of the assessment to save targets on |
A list of targets to save to the assessment. Needs at least "target" or "weight" defined on each target. Both can be defined.
required | Array of objects (saveTargetRequest) |
{- "targets": [
- {
- "aspectId": "string",
- "target": 0,
- "weight": "LOW"
}
]
}{- "message": "string"
}Sets ignore status on a list of questions
| businessUnitId required | string The ID of the business unit to ignore questions on |
| contentTypeId required | string The ID of the content type used for the questions |
A list of questions to save ignore status on
required | Array of objects (ignoredQuestionRequest) |
{- "ignoredQuestions": [
- {
- "aspectId": "string",
- "ignored": true
}
]
}{- "message": "string"
}Retrieves the content for an assessment
| businessUnitId required | string The ID of the business unit |
| assessmentId required | string The ID of the assessment |
{- "message": "string",
- "response": {
- "businessUnitId": "string",
- "assessmentId": "string",
- "assessmentTypeId": "string",
- "content": null
}
}gets all the scenario families in a business unit
| businessUnitId required | string The ID of the business unit |
{- "message": "string",
- "response": {
- "scenarioFamilies": [
- {
- "scenarioFamilyName": "Default 01 - Fraud and Ransomware",
- "scenarioFamilyId": "584YU95ux8vuKhALajNh"
}
]
}
}gets a specific scenario family
| businessUnitId required | string The ID of the business unit |
| scenarioFamilyId required | string Unique identifier for the scenario family. |
{- "message": "string",
- "response": {
- "scenarioFamilyName": "Default 01 - Fraud and Ransomware",
- "scenarioFamilyId": "584YU95ux8vuKhALajNh",
- "description": "Cybercriminal organizations and independent actors targeting organizations rich in financial data for monetary gain",
- "assessmentId": "yJh6dtjIiyGuTf36qV8R",
- "scopeCategories": [
- {
- "name": "Threat Frequency",
- "scopeItems": [
- {
- "lexicon": "threat-community",
- "values": [
- "Organized Crime Groups: _All",
- "Independent Cybercriminals: _All"
]
}
], - "narrativeJustification": "ransomware is a particularly dangerous threat for our company because of the sensitive data we handle",
- "keyConsiderations": "this is a higher priority threat vector for our company"
}
], - "notes": [
- {
- "lexiconPath": "threat-community|Script Kiddies",
- "note": "competing community"
}
]
}
}gets all the scenarios in a scenario family
| businessUnitId required | string The ID of the business unit |
| scenarioFamilyId required | string Unique identifier for the scenario family. |
{- "message": "string",
- "response": {
- "scenarios": [
- {
- "scenarioName": "Insider Threats",
- "scenarioId": "NanXEvGH3D35zR8F8j4h"
}
]
}
}gets a specific scenario
| businessUnitId required | string The ID of the business unit |
| scenarioFamilyId required | string Unique identifier for the scenario family. |
| scenarioId required | string Unique identifier for the scenario. |
{- "message": "string",
- "response": {
- "lastRun": {
- "simulationResults": {
- "minALE": 0.1,
- "aveALE": 0.1,
- "maxALE": 0.1,
- "modeALE": 0.1,
- "percentiles": [
- {
- "percentile": 0.01,
- "loss": 5.853759876731206e+44
}
]
}, - "runSimulationParameters": {
- "scenarioName": "string",
- "businessUnitId": "string",
- "sampleCount": 0,
- "factors": [
- {
- "index": 0,
- "lambda": 0,
- "mu": 0,
- "name": "string",
- "probabilityDistribution": "string",
- "shortName": "string",
- "sigma": 0,
- "units": "string",
- "description": "string",
- "min": 0,
- "max": 0,
- "mode": 0,
- "comment": "string",
- "lossMagnitudeOption": "string",
- "enabled": true,
- "suggestedValuePresets": {
- "actorType": "External - Hacktivist",
- "frequencyPreset": "Attack Vector: Malware"
}
}
]
}, - "factorStatistics": [
- {
- "factorName": "string",
- "minALE": 0.1,
- "aveALE": 0.1,
- "maxALE": 0.1,
- "modeALE": 0.1,
- "percentiles": [
- {
- "percentile": 0.01,
- "loss": 5.853759876731206e+44
}
]
}
], - "lastRunTime": "2019-08-24T14:15:22Z",
- "userId": "66c55a49-1d1d-494e-8c39-12b70fceb1dd"
}, - "lastSavedAt": "2019-08-24T14:15:22Z",
- "lastModifiedUserId": "66c55a49-1d1d-494e-8c39-12b70fceb1dd",
- "scopeData": {
- "scopeCategories": [
- {
- "name": "Threat Frequency",
- "scopeItems": [
- {
- "lexicon": "threat-community",
- "values": [
- "Organized Crime Groups: _All",
- "Independent Cybercriminals: _All"
]
}
], - "narrativeJustification": "ransomware is a particularly dangerous threat for our company because of the sensitive data we handle",
- "keyConsiderations": "this is a higher priority threat vector for our company"
}
], - "notes": [
- {
- "lexiconPath": "threat-community|Script Kiddies",
- "note": "competing community"
}
], - "scenarioFamilyId": "584YU95ux8vuKhALajNh",
- "effect": "The effect of the scenario on the business unit",
- "threat": "The threat of the scenario on the business unit",
- "asset": "The asset of the scenario on the business unit",
- "scenarioPurpose": "The purpose of the scenario on the business unit",
- "scenarioNarrativeAndDetail": "The narrative and detail of the scenario on the business unit"
}, - "id": "string",
- "scenarioName": "string",
- "factors": [
- {
- "index": 0,
- "lambda": 0,
- "mu": 0,
- "name": "string",
- "probabilityDistribution": "string",
- "shortName": "string",
- "sigma": 0,
- "units": "string",
- "description": "string",
- "min": 0,
- "max": 0,
- "mode": 0,
- "comment": "string",
- "lossMagnitudeOption": "string",
- "enabled": true,
- "suggestedValuePresets": {
- "actorType": "External - Hacktivist",
- "frequencyPreset": "Attack Vector: Malware"
}
}
]
}
}Retrieves UCF Common Control Ids for the assessment if they've been generated
| businessUnitId required | string The ID of the business unit |
| assessmentId required | string The ID of the assessment to retrieve details of |
{- "message": "string",
- "response": {
- "generatedAt": "2019-08-24T14:15:22Z",
- "generatedBy": "string",
- "mandatedControls": [
- {
- "ucfId": "string",
- "ucfControlId": 0,
- "ucfReferenceId": "string",
- "ostrichControlId": "string",
- "taggedText": "string",
- "matchedControls": [
- {
- "ucfId": "string",
- "name": "string"
}
]
}
]
}
}