Targets

Targets

The targets are the assets related to Adevinta organization for which at least one vulnerability has been found. These can be domains, hostnames, web adresses, IPs, AWS Accounts, Docker images, Git repositories, etc.

Querying the API for targets

The Vulnerability Database API provides different methods to query information about the targets currently present in the system.

List Targets

List targets endpoint allows to query all the targets currently present in the Vulnerability Database.

curl -H "Content-Type: application/json" \
"https://vulnerabilitydb.example.com/targets"

Get Target

The Get Target endpoint allows to query information related with a particular target, specifying its ID.

curl -H "Content-Type: application/json" \
"https://vulnerabilitydb.example.com/targets/0205a902-64a7-4c77-8d00-5d4c8d06399a"

List Findings by Target

Sometimes we might want to know which findings are associated with a specific target. For example, we might want to know which findings are related with adevinta.com. The List Findings by Target endpoint allows us to do just that, specifying the target ID for which we want to list its findings. Because we are querying for findings, we can set status querystring param to filter only the ones that are currently OPEN or FIXED.

curl -H "Content-Type: application/json" \
"https://vulnerabilitydb.example.com/targets/2e379d3a-9fe6-4edb-8f81-dd476d9568f2/findings?status=OPEN"

List Issues by Target

Similar to List Findings by Target, this endpoint allows to query the list of issues that at some point were found for a specific target.

curl -H "Content-Type: application/json" \
"https://vulnerabilitydb.example.com/targets/2e379d3a-9fe6-4edb-8f81-dd476d9568f2/issues"

Get Finding by Target and Issue

This endpoint allows users to get the data for the finding correspondent to a specific target and issue.

curl -H "Content-Type: application/json" \
"https://vulnerabilitydb.example.com/targets/dc7fdc6c-e9d2-4e63-9ef1-ffce36ad6352/issues/c6a1099c-6141-415c-8fd8-30d68aedb90c"

Target MTTR

MTTR stands for Mean Time To Remediate, and is the average time that elapses since the vulnerability is found until it is fixed. This endpoint allows to query that average time for vulnerabilities related to a particular target.

curl -H "Content-Type: application/json" \
"https://vulnerabilitydb.example.com/targets/2e379d3a-9fe6-4edb-8f81-dd476d9568f2/mttr"