Using the API

Overview

Vulnerability Mitigation App (VMA) empowers organizations to improve how they conduct their vulnerability prioritization within a business-context, simplify their risk assessment and impact analysis by using risky rule identification and correlation, and mitigate vulnerabilities using tickets submitted to SecureChange.

Most vulnerability providers have their own exposure scores, but they do not account for the context of access. The VMA API enables organizations to retrieve results of contextual correlation directly from the app. You can integrate these results in a Security Orchestration, Automation, and Response (SOAR) platform, IT Service Management (ITSM) tool or vulnerability prioritization and remediation system, or Security Information and Event Managemetn (SIEM) to utilize the results within your existing processes. The benefits of using contextual correlation in vulnerability management results in eliminating false positives from response programs, prioritizes remediation and mitigation efforts to reduce risk to your business, and does not require changing the processes by which your organization operates.

How Does It Work?

You use this endpoint and basic authentication to get the list of vulnerabilities from VMA:

GET https://<env>/apps/vma/api/vulnerabilities

The structure of the API request result includes the total number of vulnerabilities, metadata, and lists of assets and zones.