Qodex.ai

Cisco Kenna Security API

Number of APIs: 95

Use steps: Update authorization tab with your API code and then proceed to the API requests you require which are grouped by function (assets, vulnerabilities, etc)

This is a list of API calls that can be leveraged to get the most out of the Kenna Platform. The most current documentation can be found at: https://apidocs.kennasecurity.com/reference#reference-getting-started

Getting Started This page will help you get started with Kenna Platform API.

No connector available yet for one of your security tools? No problem. You can push vulnerabilities from any external system into Kenna using our simple, secure API. Enterprise integration has never been easier.

The API is organized around REST to have predictable, resource-oriented URLs and to use HTTP response codes to indicate errors. We use HTTP verbs, which can be understood by off-the-shelf HTTP clients and libraries. The API utilizes JSON as the data exchange format.

All API calls must be made over HTTPS and be accompanied by a valid token parameter.

Your Kenna API root path depends on your Kenna URL. In most cases the API root path will be https://{{API_URL}}, assuming your Kenna instance url is https://mycompany.kennasecurity.com/.

If you have an instance in the EU or in a private environment, your Kenna instance URL will include additional subdomain components, such as https://mycompany.eu.kennasecurity.com. In that case, only the instance specific hostname component (mycompany in the example) is replaced with api, so an instance with an EU address will use the EU api address of https://api.eu.kennasecurity.com/.

SUGGEST EDITS Authentication

Access to the API is controlled using a token. Every account has a token generated when the account is created.

You may locate and change your API token by logging in and clicking your company's name in the upper right hand corner. In the dropdown that appears, chose 'API Keys'. Your API token will be listed first in the table found on the applications page. You would replace in the example below with your API token.

All API requests must be made over HTTPS. Calls made over plain HTTP will fail. You must authenticate for all requests.

Requests are limited to a maximum of 5 requests per second. If you exceed this limit, your request will receive a β€œ429: Too Many Requests" status code response.

SUGGEST EDITS Parameters

Many API methods take optional parameters. For GET requests, parameters are specified as a segment in the path. For example if you were requesting data regarding a vulnerability with an id of 100:

Request Response curl -H X-Risk-Token: https://{{API_URL}}/vulnerabilities/100 -X GET For most POST requests, parameters are encoded as JSON, with a Content-Type of 'application/json':

Request Response curl -H X-Risk-Token: -H Content-Type: application/json https://{{APIURL}}/vulnerabilities -X POST -d '{ vulnerability: { "wascid:WASC-01, primary_locator:url, url:http://www.example.com } }' Note: The Content-Type parameter should be omitted for specific POST request endpoints, such as theUpload Data File" endpoint.

Larger record sets are paginated by 500. For example, when requesting your list of vulnerabilities. To page through the record set, you pass a page parameter. Each paginated response includes meta data containing the current page and the total number of pages. Page limit is currently set to 20. Pages are 1-indexed based.

Request Response curl -H X-Risk-Token: https://{{API_URL}}/vulnerabilities/?page=3 -X GET SUGGEST EDITS Data Types

The API utilizes JSON as the data exchange format.

Request Response curl -H X-Risk-Token: https://{{API_URL}}/vulnerabilities/100 -X GET SUGGEST EDITS Errors

In the case of an error, the appropriate HTTP status code will be returned in the response header. In addition, the response body will contain a JSON formatted description of what went wrong. The JSON will contain an error attribute, and may contain a more explanatory message attribute as well. It also includes a success attribute with a value of false.

Request Response curl -H X-Risk-Token: https://{{API_URL}}/assets/100 -X PUT -d {priority:-1} SUGGEST EDITS HTTP Status Codes

The following HTTP status codes are returned by the API.

Code Meaning 102 Processing 200 OK 201 Created 204 No Content 400 Bad Request 401 Unauthorized 404 Not Found 409 Conflict 412 Precondition Failed 422 Unprocessable Entity 429 Too Many Requests (more than 5 per second) 500 Internal Server Error SUGGEST EDITS Pagination

Requests that return multiple items will be paginated to 1000 items at a time, by default. You can request further pages with the page parameter, and/or change the number of items returned with the per_page parameter. Note that page numbering is 1-based and that omitting the page parameter will return the first page.

  1. Vulnerabilities - Bulk Delete Vulnerabilities DELETE https://{{API_URL}}/vulnerabilities/bulk_delete

  2. Vulnerabilities - Download Zipped Data GET https://{{API_URL}}/vulnerabilities/download_data_zip

  3. Asset Groups - Show Top Fix Groups GET https://{{API_URL}}/asset_groups/:id/top_fixes

  4. Audit Log Search - Audit Log Search GET https://{{API_URL}}/audit_logs?start_date=2020-11-01&end_date=2020-11-28

  5. Dashboard Groups (Views) - List Dashboard Groups GET https://{{API_URL}}/dashboard_groups

  6. Connector Runs - Run Connector GET https://{{API_URL}}/connectors/:id/run

  7. Fixes - Search Fixes GET https://{{API_URL}}/fixes/search

  8. KENNA.VI+ - List Vulnerability Definitions GET https://{{API_URL}}/vulnerability_definitions?cves=string

  9. Vulnerabilities - List Vulnerabilities GET https://{{API_URL}}/vulnerabilities

  10. Users - Update User PUT https://{{API_URL}}/users/:id