CISO Assistant API — Risk Management (0.7.0)

CISO Assistant - API Documentation for automating all your GRC needs

risk-acceptances

risk_acceptances_list

Override the list method to inject optimized data into the serializer context.

Authorizations:
knoxApiToken
query Parameters
approver
Array of strings <uuid> [ items <uuid > ]
expiry_date
string <date>
expiry_date__gt
string <date>
expiry_date__gte
string <date>
expiry_date__lt
string <date>
expiry_date__lte
string <date>
expiry_date__month
number
expiry_date__year
number
folder
Array of strings <uuid> [ items <uuid > ]
id
Array of strings <uuid> [ items <uuid > ]

Multiple values may be separated by commas.

limit
integer

Number of results to return per page.

offset
integer

The initial index from which to return the results.

ordering
string

Which field to use when ordering the results.

risk_scenarios
Array of strings <uuid> [ items <uuid > ]
search
string

A search term.

state
Array of strings
Items Enum: "accepted" "created" "rejected" "revoked" "submitted"
  • created - Created
  • submitted - Submitted
  • accepted - Accepted
  • rejected - Rejected
  • revoked - Revoked
to_review
boolean

Responses

Response samples

Content type
application/json
{
  "count": 123,
  "results": [ ]
}
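
An added example, not part of the CISO Assistant documentation or code base: a periodic review that uses the state, expiry_date__lte, ordering, limit and offset parameters above to find accepted risk acceptances that are already past, or close to, their expiry_date. The route /api/risk-acceptances/, the "Token" header prefix, and the assumption that list results carry the id and expiry_date fields of the retrieve sample are not stated on this page; the sample records are constructed.

```python
import json
import urllib.parse
import urllib.request
from datetime import date, timedelta

# Assumptions, not stated on this page: the route and the Knox header prefix.
LIST_PATH = "/api/risk-acceptances/"
AUTH_PREFIX = "Token"


def build_query(today, horizon_days, limit=50):
    """Query parameters for accepted records expiring on or before the horizon."""
    return {
        "state": "accepted",
        "expiry_date__lte": (today + timedelta(days=horizon_days)).isoformat(),
        "ordering": "expiry_date",
        "limit": limit,
    }


def http_fetch(base_url, token):
    """Return a fetch(params) callable that performs the authenticated GET."""
    def fetch(params):
        url = base_url.rstrip("/") + LIST_PATH + "?" + urllib.parse.urlencode(params)
        req = urllib.request.Request(url, headers={
            "Authorization": f"{AUTH_PREFIX} {token}",
            "Accept": "application/json",
        })
        with urllib.request.urlopen(req, timeout=30) as resp:
            return json.load(resp)
    return fetch


def iter_results(fetch, params):
    """Walk limit/offset pages until `count` results have been seen."""
    params = dict(params)
    seen = 0
    while True:
        page = fetch(params)
        results = page.get("results", [])
        yield from results
        seen += len(results)
        # Stop on an empty page too, so a wrong `count` cannot loop forever.
        if not results or seen >= page.get("count", 0):
            return
        params["offset"] = params.get("offset", 0) + len(results)


def review(fetch, today, horizon_days=30, limit=50):
    """Return ids of accepted records past expiry and of those expiring soon."""
    report = {"expired": [], "expiring": []}
    for ra in iter_results(fetch, build_query(today, horizon_days, limit)):
        raw = ra.get("expiry_date")
        if not raw:
            continue  # expiry_date is nullable; such records never lapse
        bucket = "expired" if date.fromisoformat(raw) < today else "expiring"
        report[bucket].append(ra["id"])
    return report


# Constructed sample records standing in for the server.
SAMPLE = [
    {"id": "00000000-0000-4000-8000-000000000001", "expiry_date": "2024-12-31"},
    {"id": "00000000-0000-4000-8000-000000000002", "expiry_date": "2025-01-20"},
    {"id": "00000000-0000-4000-8000-000000000003", "expiry_date": "2025-02-10"},
]


def fake_fetch(params):
    """Offline stand-in for http_fetch(): applies limit/offset to SAMPLE."""
    start = params.get("offset", 0)
    return {"count": len(SAMPLE), "results": SAMPLE[start:start + params["limit"]]}


if __name__ == "__main__":
    print(review(fake_fetch, date(2025, 1, 15), horizon_days=30, limit=2))
```

Against a live instance, pass http_fetch(base_url, token) in place of fake_fetch. The state enum has no "expired" value, so a record in the expired bucket is one that is still marked accepted after its expiry date.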

risk_acceptances_create

API endpoint that allows risk acceptance to be viewed or edited.

Authorizations:
knoxApiToken
Request Body schema:
required
is_published
boolean (Published)
name
required
string <= 200 characters
description
string or null
expiry_date
string or null <date>

Specify when the risk acceptance will no longer apply

justification
string or null <= 500 characters
folder
string <uuid>
approver
string or null <uuid>

Risk owner and approver identity

risk_scenarios
required
Array of strings <uuid> [ items <uuid > ]

Select the risk scenarios to be accepted. Note that they must be part of the chosen domain.

Responses

Request samples

Content type
{
  "is_published": true,
  "name": "string",
  "description": "string",
  "expiry_date": "2019-08-24",
  "justification": "string",
  "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  "approver": "a0a63d7a-7a62-4e15-9ab9-49317f76d38f",
  "risk_scenarios": [ ]
}

Response samples

Content type
application/json
{
  "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  "created_at": "2019-08-24T14:15:22Z",
  "updated_at": "2019-08-24T14:15:22Z",
  "is_published": true,
  "name": "string",
  "description": "string",
  "expiry_date": "2019-08-24",
  "justification": "string",
  "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  "approver": "a0a63d7a-7a62-4e15-9ab9-49317f76d38f",
  "risk_scenarios": [ ]
}

risk_acceptances_retrieve

Return a single object with unauthorized related fields masked.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk acceptance.

Responses

Response samples

Content type
application/json
{
  "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  "path": "string",
  "folder": "string",
  "risk_scenarios": [ ],
  "approver": "string",
  "state": "string",
  "created_at": "2019-08-24T14:15:22Z",
  "updated_at": "2019-08-24T14:15:22Z",
  "is_published": true,
  "name": "string",
  "description": "string",
  "expiry_date": "2019-08-24",
  "accepted_at": "2019-08-24T14:15:22Z",
  "rejected_at": "2019-08-24T14:15:22Z",
  "revoked_at": "2019-08-24T14:15:22Z",
  "justification": "string"
}

risk_acceptances_update

API endpoint that allows risk acceptance to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk acceptance.

Request Body schema:
required
is_published
boolean (Published)
name
required
string <= 200 characters
description
string or null
expiry_date
string or null <date>

Specify when the risk acceptance will no longer apply

justification
string or null <= 500 characters
folder
string <uuid>
approver
string or null <uuid>

Risk owner and approver identity

risk_scenarios
required
Array of strings <uuid> [ items <uuid > ]

Select the risk scenarios to be accepted. Note that they must be part of the chosen domain.

Responses

Request samples

Content type
{
  "is_published": true,
  "name": "string",
  "description": "string",
  "expiry_date": "2019-08-24",
  "justification": "string",
  "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  "approver": "a0a63d7a-7a62-4e15-9ab9-49317f76d38f",
  "risk_scenarios": [ ]
}

Response samples

Content type
application/json
{
  "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  "created_at": "2019-08-24T14:15:22Z",
  "updated_at": "2019-08-24T14:15:22Z",
  "is_published": true,
  "name": "string",
  "description": "string",
  "expiry_date": "2019-08-24",
  "justification": "string",
  "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  "approver": "a0a63d7a-7a62-4e15-9ab9-49317f76d38f",
  "risk_scenarios": [ ]
}

risk_acceptances_partial_update

API endpoint that allows risk acceptance to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk acceptance.

Request Body schema:
is_published
boolean (Published)
name
string <= 200 characters
description
string or null
expiry_date
string or null <date>

Specify when the risk acceptance will no longer apply

justification
string or null <= 500 characters
folder
string <uuid>
approver
string or null <uuid>

Risk owner and approver identity

risk_scenarios
Array of strings <uuid> [ items <uuid > ]

Select the risk scenarios to be accepted. Note that they must be part of the chosen domain.

Responses

Request samples

Content type
{
  "is_published": true,
  "name": "string",
  "description": "string",
  "expiry_date": "2019-08-24",
  "justification": "string",
  "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  "approver": "a0a63d7a-7a62-4e15-9ab9-49317f76d38f",
  "risk_scenarios": [ ]
}

Response samples

Content type
application/json
{
  "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  "created_at": "2019-08-24T14:15:22Z",
  "updated_at": "2019-08-24T14:15:22Z",
  "is_published": true,
  "name": "string",
  "description": "string",
  "expiry_date": "2019-08-24",
  "justification": "string",
  "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  "approver": "a0a63d7a-7a62-4e15-9ab9-49317f76d38f",
  "risk_scenarios": [ ]
}

risk_acceptances_destroy

API endpoint that allows risk acceptance to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk acceptance.

Responses

risk_acceptances_accept_create

API endpoint that allows risk acceptance to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk acceptance.

Responses

risk_acceptances_cascade_info_retrieve

Cascade preview:

  • deleted: objects actually deleted by cascade
  • affected: objects not deleted but whose relationships will be removed (through rows, SET_NULL, local links)

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk acceptance.

Responses

risk_acceptances_draft_create

API endpoint that allows risk acceptance to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk acceptance.

Responses

risk_acceptances_object_retrieve

API endpoint that allows risk acceptance to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk acceptance.

Responses

risk_acceptances_reject_create

API endpoint that allows risk acceptance to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk acceptance.

Responses

risk_acceptances_revoke_create

API endpoint that allows risk acceptance to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk acceptance.

Responses

risk_acceptances_submit_create

API endpoint that allows risk acceptance to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk acceptance.

Responses

risk_acceptances_batch_action_create

Perform a batch action on multiple objects. Uses the IAM-filtered queryset and serializers to respect permissions and validation, mirroring the standard partial_update / destroy flows.

Payload: { "action": "delete"|"change_field"|"change_m2m"|"change_folder", "ids": [...], "field": "", "value": ... }

Authorizations:
knoxApiToken

Responses

risk_acceptances_state_retrieve

API endpoint that allows risk acceptance to be viewed or edited.

Authorizations:
knoxApiToken

Responses

risk_acceptances_to_review_retrieve

API endpoint that allows risk acceptance to be viewed or edited.

Authorizations:
knoxApiToken

Responses

risk_acceptances_waiting_retrieve

API endpoint that allows risk acceptance to be viewed or edited.

Authorizations:
knoxApiToken

Responses

risk-assessments

risk_assessments_list

Override the list method to inject optimized data into the serializer context.

Authorizations:
knoxApiToken
query Parameters
authors
Array of strings <uuid> [ items <uuid > ]
due_date
string <date>
due_date__month
number
due_date__year
number
ebios_rm_study
Array of strings <uuid> [ items <uuid > ]
folder
Array of strings <uuid> [ items <uuid > ]
genericcollection
Array of strings <uuid> [ items <uuid > ]
id
Array of strings <uuid> [ items <uuid > ]

Multiple values may be separated by commas.

limit
integer

Number of results to return per page.

name
string
offset
integer

The initial index from which to return the results.

ordering
string

Which field to use when ordering the results.

perimeter
Array of strings <uuid> [ items <uuid > ]
ref_id
string
reviewers
Array of strings <uuid> [ items <uuid > ]
risk_matrix
Array of strings <uuid> [ items <uuid > ]
search
string

A search term.

status
Array of strings or null
Items Enum: "--" "deprecated" "done" "in_progress" "in_review" "planned"
  • planned - Planned
  • in_progress - In progress
  • in_review - In review
  • done - Done
  • deprecated - Deprecated
  • -- - --

Responses

Response samples

Content type
application/json
{
  "count": 123,
  "results": [ ]
}

risk_assessments_create

API endpoint that allows risk assessments to be viewed or edited.

Authorizations:
knoxApiToken
Request Body schema:
required
is_published
boolean (Published)
name
required
string <= 200 characters
description
string or null
eta
string or null <date>
due_date
string or null <date>
version
string or null <= 100 characters

Version of the compliance assessment (e.g. 1.0, 2.0, etc.)

status
(Status6d9Enum (string or null)) or (BlankEnum (any or null)) or (NullEnum (any or null))
observation
string or null
is_locked
boolean or null
risk_tolerance
integer <int64> [ -9223372036854776000 .. 9223372036854776000 ]
ref_id
string or null (Reference id) <= 100 characters
auto_sync
boolean (Automatic sync to actions)
folder
string <uuid>
perimeter
string or null <uuid>
risk_matrix
required
string <uuid>

WARNING! After choosing it, you will not be able to change it

ebios_rm_study
string or null <uuid>
reviewers
Array of strings <uuid> [ items <uuid > ]
authors
Array of strings <uuid> [ items <uuid > ]

Responses

Request samples

Content type
{
  "is_published": true,
  "name": "string",
  "description": "string",
  "eta": "2019-08-24",
  "due_date": "2019-08-24",
  "version": "string",
  "status": "planned",
  "observation": "string",
  "is_locked": true,
  "risk_tolerance": -9223372036854776000,
  "ref_id": "string",
  "auto_sync": true,
  "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  "perimeter": "bf619ff5-f1a2-4505-92b9-0c56e7a44b98",
  "risk_matrix": "d6be139d-8169-4642-9d1a-53f73ea1eead",
  "ebios_rm_study": "019f9149-9ac5-4691-aa4e-bfcac1d85213",
  "reviewers": [ ],
  "authors": [ ]
}

Response samples

Content type
application/json
{
  "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  "is_published": true,
  "name": "string",
  "description": "string",
  "eta": "2019-08-24",
  "due_date": "2019-08-24",
  "version": "string",
  "status": "planned",
  "observation": "string",
  "is_locked": true,
  "risk_tolerance": -9223372036854776000,
  "ref_id": "string",
  "auto_sync": true,
  "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  "perimeter": "bf619ff5-f1a2-4505-92b9-0c56e7a44b98",
  "risk_matrix": "d6be139d-8169-4642-9d1a-53f73ea1eead",
  "ebios_rm_study": "019f9149-9ac5-4691-aa4e-bfcac1d85213",
  "reviewers": [ ],
  "authors": [ ]
}

risk_assessments_retrieve

Return a single object with unauthorized related fields masked.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk assessment.

Responses

Response samples

Content type
application/json
{
  "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  "path": "string",
  "perimeter": "string",
  "authors": [ ],
  "reviewers": [ ],
  "folder": "string",
  "str": "string",
  "risk_scenarios": [ ],
  "risk_scenarios_count": 0,
  "risk_matrix": "string",
  "ebios_rm_study": "string",
  "validation_flows": [ ],
  "created_at": "2019-08-24T14:15:22Z",
  "updated_at": "2019-08-24T14:15:22Z",
  "is_published": true,
  "name": "string",
  "description": "string",
  "eta": "2019-08-24",
  "due_date": "2019-08-24",
  "version": "string",
  "status": "planned",
  "observation": "string",
  "is_locked": true,
  "risk_tolerance": -9223372036854776000,
  "ref_id": "string",
  "auto_sync": true
}

risk_assessments_update

API endpoint that allows risk assessments to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk assessment.

Request Body schema:
required
is_published
boolean (Published)
name
required
string <= 200 characters
description
string or null
eta
string or null <date>
due_date
string or null <date>
version
string or null <= 100 characters

Version of the compliance assessment (e.g. 1.0, 2.0, etc.)

status
(Status6d9Enum (string or null)) or (BlankEnum (any or null)) or (NullEnum (any or null))
observation
string or null
is_locked
boolean or null
risk_tolerance
integer <int64> [ -9223372036854776000 .. 9223372036854776000 ]
ref_id
string or null (Reference id) <= 100 characters
auto_sync
boolean (Automatic sync to actions)
folder
string <uuid>
perimeter
string or null <uuid>
risk_matrix
required
string <uuid>

WARNING! After choosing it, you will not be able to change it

ebios_rm_study
string or null <uuid>
reviewers
Array of strings <uuid> [ items <uuid > ]
authors
Array of strings <uuid> [ items <uuid > ]

Responses

Request samples

Content type
{
  "is_published": true,
  "name": "string",
  "description": "string",
  "eta": "2019-08-24",
  "due_date": "2019-08-24",
  "version": "string",
  "status": "planned",
  "observation": "string",
  "is_locked": true,
  "risk_tolerance": -9223372036854776000,
  "ref_id": "string",
  "auto_sync": true,
  "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  "perimeter": "bf619ff5-f1a2-4505-92b9-0c56e7a44b98",
  "risk_matrix": "d6be139d-8169-4642-9d1a-53f73ea1eead",
  "ebios_rm_study": "019f9149-9ac5-4691-aa4e-bfcac1d85213",
  "reviewers": [ ],
  "authors": [ ]
}

Response samples

Content type
application/json
{
  "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  "is_published": true,
  "name": "string",
  "description": "string",
  "eta": "2019-08-24",
  "due_date": "2019-08-24",
  "version": "string",
  "status": "planned",
  "observation": "string",
  "is_locked": true,
  "risk_tolerance": -9223372036854776000,
  "ref_id": "string",
  "auto_sync": true,
  "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  "perimeter": "bf619ff5-f1a2-4505-92b9-0c56e7a44b98",
  "risk_matrix": "d6be139d-8169-4642-9d1a-53f73ea1eead",
  "ebios_rm_study": "019f9149-9ac5-4691-aa4e-bfcac1d85213",
  "reviewers": [ ],
  "authors": [ ]
}

risk_assessments_partial_update

API endpoint that allows risk assessments to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk assessment.

Request Body schema:
is_published
boolean (Published)
name
string <= 200 characters
description
string or null
eta
string or null <date>
due_date
string or null <date>
version
string or null <= 100 characters

Version of the compliance assessment (e.g. 1.0, 2.0, etc.)

status
(Status6d9Enum (string or null)) or (BlankEnum (any or null)) or (NullEnum (any or null))
observation
string or null
is_locked
boolean or null
risk_tolerance
integer <int64> [ -9223372036854776000 .. 9223372036854776000 ]
ref_id
string or null (Reference id) <= 100 characters
auto_sync
boolean (Automatic sync to actions)
folder
string <uuid>
perimeter
string or null <uuid>
risk_matrix
string <uuid>

WARNING! After choosing it, you will not be able to change it

ebios_rm_study
string or null <uuid>
reviewers
Array of strings <uuid> [ items <uuid > ]
authors
Array of strings <uuid> [ items <uuid > ]

Responses

Request samples

Content type
{
  "is_published": true,
  "name": "string",
  "description": "string",
  "eta": "2019-08-24",
  "due_date": "2019-08-24",
  "version": "string",
  "status": "planned",
  "observation": "string",
  "is_locked": true,
  "risk_tolerance": -9223372036854776000,
  "ref_id": "string",
  "auto_sync": true,
  "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  "perimeter": "bf619ff5-f1a2-4505-92b9-0c56e7a44b98",
  "risk_matrix": "d6be139d-8169-4642-9d1a-53f73ea1eead",
  "ebios_rm_study": "019f9149-9ac5-4691-aa4e-bfcac1d85213",
  "reviewers": [ ],
  "authors": [ ]
}

Response samples

Content type
application/json
{
  "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  "is_published": true,
  "name": "string",
  "description": "string",
  "eta": "2019-08-24",
  "due_date": "2019-08-24",
  "version": "string",
  "status": "planned",
  "observation": "string",
  "is_locked": true,
  "risk_tolerance": -9223372036854776000,
  "ref_id": "string",
  "auto_sync": true,
  "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  "perimeter": "bf619ff5-f1a2-4505-92b9-0c56e7a44b98",
  "risk_matrix": "d6be139d-8169-4642-9d1a-53f73ea1eead",
  "ebios_rm_study": "019f9149-9ac5-4691-aa4e-bfcac1d85213",
  "reviewers": [ ],
  "authors": [ ]
}

risk_assessments_destroy

API endpoint that allows risk assessments to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk assessment.

Responses

risk_assessments_action_plan_list

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>
query Parameters
limit
integer

Number of results to return per page.

offset
integer

The initial index from which to return the results.

ordering
string

Which field to use when ordering the results.

search
string

A search term.

Responses

Response samples

Content type
application/json
{
  "count": 123,
  "results": [ ]
}

risk_assessments_action_plan_budget_overview_list

Mixin that computes budget aggregation over an applied controls queryset.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>
query Parameters
limit
integer

Number of results to return per page.

offset
integer

The initial index from which to return the results.

ordering
string

Which field to use when ordering the results.

search
string

A search term.

Responses

Response samples

Content type
application/json
{
  "count": 123,
  "results": [ ]
}

risk_assessments_action_plan_excel_retrieve

API endpoint that allows risk assessments to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk assessment.

Responses

risk_assessments_action_plan_pdf_retrieve

API endpoint that allows risk assessments to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk assessment.

Responses

risk_assessments_cascade_info_retrieve

Cascade preview:

  • deleted: objects actually deleted by cascade
  • affected: objects not deleted but whose relationships will be removed (through rows, SET_NULL, local links)

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk assessment.

Responses

risk_assessments_convert_to_quantitative_create

Convert a qualitative risk assessment to a quantitative risk study.

Expected payload: { "probability_anchors": [{"index": 0, "value": 0.05}, ...], "impact_anchors": [{"index": 0, "central_value": 25000}, ...], "loss_threshold": 100000 }
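
An added example, not code from CISO Assistant: a client-side check of the conversion payload before it is submitted. The key names and the values 0.05, 25000 and 100000 come from the expected payload above; the remaining sample values are constructed, and the rules themselves (contiguous indexes from 0, probabilities in (0, 1], values increasing with index, finite numbers only) are local sanity assumptions, not documented server validation.

```python
import math


def _is_number(x):
    """True for finite ints/floats; rejects bool, NaN and infinity."""
    return isinstance(x, (int, float)) and not isinstance(x, bool) and math.isfinite(x)


def _check_anchors(anchors, value_key, label, upper=None):
    """Validate one anchor list and return a list of error strings."""
    if not isinstance(anchors, list) or not anchors:
        return [f"{label}: must be a non-empty list"]
    errors, seen = [], {}
    for pos, anchor in enumerate(anchors):
        if not isinstance(anchor, dict):
            errors.append(f"{label}[{pos}]: must be an object")
            continue
        idx, val = anchor.get("index"), anchor.get(value_key)
        if not isinstance(idx, int) or isinstance(idx, bool) or idx < 0:
            errors.append(f"{label}[{pos}]: index must be a non-negative integer")
        elif idx in seen:
            errors.append(f"{label}[{pos}]: duplicate index {idx}")
        elif not _is_number(val) or val <= 0 or (upper is not None and val > upper):
            errors.append(f"{label}[{pos}]: {value_key} out of range")
        else:
            seen[idx] = val
    if errors:
        return errors
    # Whole-list checks only make sense once every entry is individually valid.
    if sorted(seen) != list(range(len(seen))):
        errors.append(f"{label}: indexes must cover 0..{len(seen) - 1} without gaps")
    ordered = [seen[i] for i in sorted(seen)]
    if any(b <= a for a, b in zip(ordered, ordered[1:])):
        errors.append(f"{label}: {value_key} must increase with index")
    return errors


def validate_conversion_payload(payload):
    """Return all problems found in a convert-to-quantitative payload."""
    errors = _check_anchors(payload.get("probability_anchors"), "value",
                            "probability_anchors", upper=1.0)
    errors += _check_anchors(payload.get("impact_anchors"), "central_value",
                             "impact_anchors")
    threshold = payload.get("loss_threshold")
    if not _is_number(threshold) or threshold <= 0:
        errors.append("loss_threshold: must be a positive finite number")
    return errors


# Constructed samples: GOOD extends the page's payload to three levels.
GOOD = {
    "probability_anchors": [{"index": 0, "value": 0.05},
                            {"index": 1, "value": 0.2},
                            {"index": 2, "value": 0.5}],
    "impact_anchors": [{"index": 0, "central_value": 25000},
                       {"index": 1, "central_value": 100000},
                       {"index": 2, "central_value": 500000}],
    "loss_threshold": 100000,
}
BAD = {
    "probability_anchors": [{"index": 0, "value": 0.05},
                            {"index": 1, "value": 1.5}],      # not a probability
    "impact_anchors": [{"index": 0, "central_value": 100000},
                       {"index": 2, "central_value": 25000}],  # gap and reversed
    "loss_threshold": float("nan"),                             # not valid JSON
}

if __name__ == "__main__":
    print(validate_conversion_payload(GOOD))
    for problem in validate_conversion_payload(BAD):
        print(problem)
```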

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk assessment.

Responses

risk_assessments_duplicate_create

API endpoint that allows risk assessments to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk assessment.

Responses

risk_assessments_object_retrieve

API endpoint that allows risk assessments to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk assessment.

Responses

risk_assessments_quality_check_retrieve_2

Returns the quality check of the risk assessment.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk assessment.

Responses

risk_assessments_risk_analytics_retrieve

Analytics data for a single risk assessment.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk assessment.

Responses

risk_assessments_risk_assessment_csv_retrieve

API endpoint that allows risk assessments to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk assessment.

Responses

risk_assessments_risk_assessment_pdf_retrieve

API endpoint that allows risk assessments to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk assessment.

Responses

risk_assessments_risk_assessment_xlsx_retrieve

API endpoint that allows risk assessments to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk assessment.

Responses

risk_assessments_risk_timeline_retrieve

Returns risk metrics over time from BuiltinMetricSample snapshots.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk assessment.

Responses

risk_assessments_sync_to_actions_create

API endpoint that allows risk assessments to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk assessment.

Responses

risk_assessments_sync_from_ebios_rm_create

Synchronize an existing risk assessment with its linked EBIOS RM study. Updates existing risk scenarios, adds new ones, and archives outdated ones.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk assessment.

Responses

risk_assessments_batch_action_create

Perform a batch action on multiple objects. Uses the IAM-filtered queryset and serializers to respect permissions and validation, mirroring the standard partial_update / destroy flows.

Payload: { "action": "delete"|"change_field"|"change_m2m"|"change_folder", "ids": [...], "field": "", "value": ... }

Authorizations:
knoxApiToken

Responses

risk_assessments_per_status_retrieve

API endpoint that allows risk assessments to be viewed or edited.

Authorizations:
knoxApiToken

Responses

risk_assessments_quality_check_retrieve

Returns the quality check of the risk assessments

Authorizations:
knoxApiToken

Responses

risk_assessments_status_retrieve

API endpoint that allows risk assessments to be viewed or edited.

Authorizations:
knoxApiToken

Responses

risk-matrices

risk_matrices_list

Override the list method to inject optimized data into the serializer context.

Authorizations:
knoxApiToken
query Parameters
folder
Array of strings <uuid> [ items <uuid > ]
id
Array of strings <uuid> [ items <uuid > ]

Multiple values may be separated by commas.

is_enabled
boolean
limit
integer

Number of results to return per page.

offset
integer

The initial index from which to return the results.

ordering
string

Which field to use when ordering the results.

provider
string
search
string

A search term.

Responses

Response samples

Content type
application/json
{
  "count": 123,
  "results": [ ]
}

risk_matrices_create

API endpoint that allows risk matrices to be viewed or edited.

Authorizations:
knoxApiToken
Request Body schema:
required
name
required
string
description
required
string or null
annotation
required
string or null
json_definition
required
any
is_published
boolean (Published)
editing_version
integer <int64> [ -9223372036854776000 .. 9223372036854776000 ]

Incremented on each publish.

urn
string or null <= 255 characters
ref_id
string or null (Reference ID) <= 100 characters
provider
string or null <= 200 characters
locale
string <= 100 characters
default_locale
boolean
is_enabled
boolean (Enabled)

If the risk matrix is set as disabled, it will not be available for selection for new risk assessments.

Responses

Request samples

Content type
{
  "name": "string",
  "description": "string",
  "annotation": "string",
  "json_definition": null,
  "is_published": true,
  "editing_version": -9223372036854776000,
  "urn": "string",
  "ref_id": "string",
  "provider": "string",
  "locale": "string",
  "default_locale": true,
  "is_enabled": true
}

Response samples

Content type
application/json
{
  "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  "name": "string",
  "description": "string",
  "annotation": "string",
  "folder": "string",
  "json_definition": null,
  "library": "string",
  "has_editing_draft": "string",
  "editing_languages": "string",
  "created_at": "2019-08-24T14:15:22Z",
  "updated_at": "2019-08-24T14:15:22Z",
  "is_published": true,
  "editing_version": -9223372036854776000,
  "urn": "string",
  "ref_id": "string",
  "provider": "string",
  "locale": "string",
  "default_locale": true,
  "is_enabled": true
}

risk_matrices_retrieve

Return a single object with unauthorized related fields masked.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this risk matrix.

Responses

Response samples

Content type
application/json
{
  "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  "name": "string",
  "description": "string",
  "annotation": "string",
  "folder": "string",
  "json_definition": null,
  "library": "string",
  "has_editing_draft": "string",
  "editing_languages": "string",
  "created_at": "2019-08-24T14:15:22Z",
  "updated_at": "2019-08-24T14:15:22Z",
  "is_published": true,
  "editing_version": -9223372036854776000,
  "urn": "string",
  "ref_id": "string",
  "provider": "string",
  "locale": "string",
  "default_locale": true,
  "is_enabled": true
}

risk_matrices_update

API endpoint that allows risk matrices to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this risk matrix.

Request Body schema:
required
name
required
string
description
required
string or null
annotation
required
string or null
json_definition
required
any
is_published
boolean (Published)
editing_version
integer <int64> [ -9223372036854776000 .. 9223372036854776000 ]

Incremented on each publish.

urn
string or null <= 255 characters
ref_id
string or null (Reference ID) <= 100 characters
provider
string or null <= 200 characters
locale
string <= 100 characters
default_locale
boolean
is_enabled
boolean (Enabled)

If the risk matrix is set as disabled, it will not be available for selection for new risk assessments.

Responses

Request samples

Content type
{
  "name": "string",
  "description": "string",
  "annotation": "string",
  "json_definition": null,
  "is_published": true,
  "editing_version": -9223372036854776000,
  "urn": "string",
  "ref_id": "string",
  "provider": "string",
  "locale": "string",
  "default_locale": true,
  "is_enabled": true
}

Response samples

Content type
application/json
{
  "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  "name": "string",
  "description": "string",
  "annotation": "string",
  "folder": "string",
  "json_definition": null,
  "library": "string",
  "has_editing_draft": "string",
  "editing_languages": "string",
  "created_at": "2019-08-24T14:15:22Z",
  "updated_at": "2019-08-24T14:15:22Z",
  "is_published": true,
  "editing_version": -9223372036854776000,
  "urn": "string",
  "ref_id": "string",
  "provider": "string",
  "locale": "string",
  "default_locale": true,
  "is_enabled": true
}

risk_matrices_partial_update

API endpoint that allows risk matrices to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this risk matrix.

Request Body schema:
name
string
description
string or null
annotation
string or null
json_definition
any
is_published
boolean (Published)
editing_version
integer <int64> [ -9223372036854776000 .. 9223372036854776000 ]

Incremented on each publish.

urn
string or null <= 255 characters
ref_id
string or null (Reference ID) <= 100 characters
provider
string or null <= 200 characters
locale
string <= 100 characters
default_locale
boolean
is_enabled
boolean (Enabled)

If the risk matrix is set as disabled, it will not be available for selection for new risk assessments.

Responses

Request samples

Content type
{
  "name": "string",
  "description": "string",
  "annotation": "string",
  "json_definition": null,
  "is_published": true,
  "editing_version": -9223372036854776000,
  "urn": "string",
  "ref_id": "string",
  "provider": "string",
  "locale": "string",
  "default_locale": true,
  "is_enabled": true
}

Response samples

Content type
application/json
{
  "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  "name": "string",
  "description": "string",
  "annotation": "string",
  "folder": "string",
  "json_definition": null,
  "library": "string",
  "has_editing_draft": "string",
  "editing_languages": "string",
  "created_at": "2019-08-24T14:15:22Z",
  "updated_at": "2019-08-24T14:15:22Z",
  "is_published": true,
  "editing_version": -9223372036854776000,
  "urn": "string",
  "ref_id": "string",
  "provider": "string",
  "locale": "string",
  "default_locale": true,
  "is_enabled": true
}

risk_matrices_destroy

API endpoint that allows risk matrices to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this risk matrix.

Responses

risk_matrices_cascade_info_retrieve

Cascade preview:

  • deleted: objects actually deleted by cascade
  • affected: objects not deleted but whose relationships will be removed (through rows, SET_NULL, local links)

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this risk matrix.

Responses

risk_matrices_create_draft_from_create

Clone an existing matrix into a new unpublished RiskMatrix with editing_draft.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this risk matrix.

Responses

risk_matrices_discard_draft_create

Discard editing_draft without affecting json_definition.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this risk matrix.

Responses

risk_matrices_export_yaml_retrieve

Export a matrix as a library-compatible YAML file.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this risk matrix.

Responses

risk_matrices_object_retrieve

API endpoint that allows risk matrices to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this risk matrix.

Responses

risk_matrices_publish_draft_create

Publish editing_draft → json_definition, snapshot history, bump version.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this risk matrix.

Responses

risk_matrices_save_draft_partial_update

Update editing_draft with current WIP. Metadata stays draft-scoped until publish.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this risk matrix.

Responses

risk_matrices_start_editing_create

Copy json_definition into editing_draft to begin editing.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this risk matrix.

Responses

risk_matrices_batch_action_create

Perform a batch action on multiple objects. Uses the IAM-filtered queryset and serializers to respect permissions and validation, mirroring the standard partial_update / destroy flows.

Payload: { "action": "delete"|"change_field"|"change_m2m"|"change_folder", "ids": [...], "field": "", "value": ... }

Authorizations:
knoxApiToken

Responses

risk_matrices_colors_retrieve

API endpoint that allows risk matrices to be viewed or edited.

Authorizations:
knoxApiToken

Responses

risk_matrices_create_draft_create

Create a new unpublished RiskMatrix with an editing_draft for the visual editor.

Authorizations:
knoxApiToken

Responses

risk_matrices_ids_retrieve

API endpoint that allows risk matrices to be viewed or edited.

Authorizations:
knoxApiToken

Responses

risk_matrices_impact_retrieve

API endpoint that allows risk matrices to be viewed or edited.

Authorizations:
knoxApiToken

Responses

risk_matrices_import_yaml_create

Import a library YAML file and create a new draft matrix from it.

Authorizations:
knoxApiToken

Responses

risk_matrices_probability_retrieve

API endpoint that allows risk matrices to be viewed or edited.

Authorizations:
knoxApiToken

Responses

risk_matrices_provider_retrieve

API endpoint that allows risk matrices to be viewed or edited.

Authorizations:
knoxApiToken

Responses

risk_matrices_risk_retrieve

API endpoint that allows risk matrices to be viewed or edited.

Authorizations:
knoxApiToken

Responses

risk_matrices_used_retrieve

API endpoint that allows risk matrices to be viewed or edited.

Authorizations:
knoxApiToken

Responses

risk-scenarios

risk_scenarios_list

Override the list method to inject optimized data into the serializer context.

Authorizations:
knoxApiToken
query Parameters
applied_controls
Array of strings <uuid> [ items <uuid > ]
assets
Array of strings <uuid> [ items <uuid > ]
current_impact
integer
current_level
integer
current_proba
integer
exclude
string <uuid>

Exclude scenario

existing_applied_controls
Array of strings <uuid> [ items <uuid > ]
filtering_labels
Array of strings <uuid> [ items <uuid > ]
folder
string <uuid>

Folder ID

id
Array of strings <uuid> [ items <uuid > ]

Multiple values may be separated by commas.

limit
integer

Number of results to return per page.

name
string
offset
integer

The initial index from which to return the results.

ordering
string

Which field to use when ordering the results.

owner
Array of strings <uuid> [ items <uuid > ]
perimeter
string <uuid>

Perimeter ID

qualifications
Array of strings <uuid> [ items <uuid > ]
residual_impact
integer
residual_level
integer
residual_proba
integer
risk_assessment
Array of strings <uuid> [ items <uuid > ]
search
string

A search term.

security_exceptions
Array of strings <uuid> [ items <uuid > ]
threats
Array of strings <uuid> [ items <uuid > ]
treatment
Array of strings (Treatment status)
Items Enum: "accept" "avoid" "mitigate" "open" "transfer"
  • open - Open
  • mitigate - Mitigate
  • accept - Accept
  • avoid - Avoid
  • transfer - Transfer
within_tolerance
string
Enum: "--" "NO" "YES"
  • YES - YES
  • NO - NO
  • -- - --

Responses

Response samples

Content type
application/json
{
  • "count": 123,
  • "results": [
    ]
}

risk_scenarios_create

API endpoint that allows risk scenarios to be viewed or edited.

Authorizations:
knoxApiToken
Request Body schema:
required
is_published
boolean (Published)
name
required
string <= 200 characters
description
string or null
existing_controls
string <= 2000 characters

The existing controls to manage this risk. Edit the risk scenario to add extra applied controls.

inherent_proba
integer <int64> (Inherent probability) [ -9223372036854776000 .. 9223372036854776000 ]
inherent_impact
integer <int64> [ -9223372036854776000 .. 9223372036854776000 ]
inherent_level
integer <int64> [ -9223372036854776000 .. 9223372036854776000 ]

The risk level if no measures are applied. Automatically updated on Save, based on the chosen risk matrix

current_proba
integer <int64> (Current probability) [ -9223372036854776000 .. 9223372036854776000 ]
current_impact
integer <int64> [ -9223372036854776000 .. 9223372036854776000 ]
current_level
integer <int64> [ -9223372036854776000 .. 9223372036854776000 ]

The risk level given the current measures. Automatically updated on Save, based on the chosen risk matrix

residual_proba
integer <int64> (Residual probability) [ -9223372036854776000 .. 9223372036854776000 ]
residual_impact
integer <int64> [ -9223372036854776000 .. 9223372036854776000 ]
residual_level
integer <int64> [ -9223372036854776000 .. 9223372036854776000 ]

The risk level when all the extra measures are done. Automatically updated on Save, based on the chosen risk matrix

treatment
string (Treatment status)
Enum: "open" "mitigate" "accept" "avoid" "transfer"
  • open - Open
  • mitigate - Mitigate
  • accept - Accept
  • avoid - Avoid
  • transfer - Transfer
ref_id
string (Reference ID) <= 100 characters
strength_of_knowledge
integer <int64> [ -9223372036854776000 .. 9223372036854776000 ]

The strength of the knowledge supporting the assessment

justification
string or null <= 2000 characters
risk_assessment
required
string <uuid> (RiskAssessment)
operational_scenario
string or null <uuid>

EBIOS RM operational scenario that generated this risk scenario

risk_origin
string or null <uuid>
filtering_labels
Array of strings <uuid> (Labels) [ items <uuid > ]
assets
Array of strings <uuid> [ items <uuid > ]

Assets impacted by the risk scenario

vulnerabilities
Array of strings <uuid> [ items <uuid > ]

Vulnerabilities exploited by the risk scenario

applied_controls
Array of strings <uuid> [ items <uuid > ]
threats
Array of strings <uuid> [ items <uuid > ]
antecedent_scenarios
Array of strings <uuid> [ items <uuid > ]

Risk scenarios that precede this scenario

existing_applied_controls
Array of strings <uuid> (Existing Applied controls) [ items <uuid > ]
owner
Array of strings <uuid> [ items <uuid > ]
qualifications
Array of strings <uuid> [ items <uuid > ]
security_exceptions
Array of strings <uuid> [ items <uuid > ]

Responses

Request samples

Content type
{
  • "is_published": true,
  • "name": "string",
  • "description": "string",
  • "existing_controls": "string",
  • "inherent_proba": -9223372036854776000,
  • "inherent_impact": -9223372036854776000,
  • "inherent_level": -9223372036854776000,
  • "current_proba": -9223372036854776000,
  • "current_impact": -9223372036854776000,
  • "current_level": -9223372036854776000,
  • "residual_proba": -9223372036854776000,
  • "residual_impact": -9223372036854776000,
  • "residual_level": -9223372036854776000,
  • "treatment": "open",
  • "ref_id": "string",
  • "strength_of_knowledge": -9223372036854776000,
  • "justification": "string",
  • "risk_assessment": "200d4fa3-e804-434a-ac9d-f07e196be5a6",
  • "operational_scenario": "6a00d15d-410e-4f35-8391-8526d7bfb4ad",
  • "risk_origin": "b45084bd-937b-4ed1-97d5-7097be45d1a5",
  • "filtering_labels": [
    ],
  • "assets": [
    ],
  • "vulnerabilities": [
    ],
  • "applied_controls": [
    ],
  • "threats": [
    ],
  • "antecedent_scenarios": [
    ],
  • "existing_applied_controls": [
    ],
  • "owner": [
    ],
  • "qualifications": [
    ],
  • "security_exceptions": [
    ]
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "risk_matrix": "d6be139d-8169-4642-9d1a-53f73ea1eead",
  • "created_at": "2019-08-24T14:15:22Z",
  • "updated_at": "2019-08-24T14:15:22Z",
  • "is_published": true,
  • "name": "string",
  • "description": "string",
  • "existing_controls": "string",
  • "inherent_proba": -9223372036854776000,
  • "inherent_impact": -9223372036854776000,
  • "inherent_level": -9223372036854776000,
  • "current_proba": -9223372036854776000,
  • "current_impact": -9223372036854776000,
  • "current_level": -9223372036854776000,
  • "residual_proba": -9223372036854776000,
  • "residual_impact": -9223372036854776000,
  • "residual_level": -9223372036854776000,
  • "treatment": "open",
  • "ref_id": "string",
  • "strength_of_knowledge": -9223372036854776000,
  • "justification": "string",
  • "risk_assessment": "200d4fa3-e804-434a-ac9d-f07e196be5a6",
  • "operational_scenario": "6a00d15d-410e-4f35-8391-8526d7bfb4ad",
  • "risk_origin": "b45084bd-937b-4ed1-97d5-7097be45d1a5",
  • "filtering_labels": [
    ],
  • "assets": [
    ],
  • "vulnerabilities": [
    ],
  • "applied_controls": [
    ],
  • "threats": [
    ],
  • "antecedent_scenarios": [
    ],
  • "existing_applied_controls": [
    ],
  • "owner": [
    ],
  • "qualifications": [
    ],
  • "security_exceptions": [
    ]
}

risk_scenarios_retrieve

Return a single object with unauthorized related fields masked.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk scenario.

Responses

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "risk_matrix": "string",
  • "str": "string",
  • "risk_assessment": "string",
  • "folder": "string",
  • "version": "string",
  • "operational_scenario": "string",
  • "threats": [
    ],
  • "assets": [
    ],
  • "qualifications": [
    ],
  • "risk_origin": "string",
  • "antecedent_scenarios": [
    ],
  • "treatment": "string",
  • "inherent_proba": null,
  • "inherent_impact": null,
  • "inherent_level": null,
  • "current_proba": null,
  • "current_impact": null,
  • "current_level": null,
  • "residual_proba": null,
  • "residual_impact": null,
  • "residual_level": null,
  • "strength_of_knowledge": null,
  • "applied_controls": [
    ],
  • "existing_applied_controls": [
    ],
  • "owner": [
    ],
  • "security_exceptions": [
    ],
  • "filtering_labels": [
    ],
  • "within_tolerance": "string",
  • "created_at": "2019-08-24T14:15:22Z",
  • "updated_at": "2019-08-24T14:15:22Z",
  • "is_published": true,
  • "name": "string",
  • "description": "string",
  • "existing_controls": "string",
  • "ref_id": "string",
  • "justification": "string",
  • "vulnerabilities": [
    ]
}

risk_scenarios_update

API endpoint that allows risk scenarios to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk scenario.

Request Body schema:
required
is_published
boolean (Published)
name
required
string <= 200 characters
description
string or null
existing_controls
string <= 2000 characters

The existing controls to manage this risk. Edit the risk scenario to add extra applied controls.

inherent_proba
integer <int64> (Inherent probability) [ -9223372036854776000 .. 9223372036854776000 ]
inherent_impact
integer <int64> [ -9223372036854776000 .. 9223372036854776000 ]
inherent_level
integer <int64> [ -9223372036854776000 .. 9223372036854776000 ]

The risk level if no measures are applied. Automatically updated on Save, based on the chosen risk matrix

current_proba
integer <int64> (Current probability) [ -9223372036854776000 .. 9223372036854776000 ]
current_impact
integer <int64> [ -9223372036854776000 .. 9223372036854776000 ]
current_level
integer <int64> [ -9223372036854776000 .. 9223372036854776000 ]

The risk level given the current measures. Automatically updated on Save, based on the chosen risk matrix

residual_proba
integer <int64> (Residual probability) [ -9223372036854776000 .. 9223372036854776000 ]
residual_impact
integer <int64> [ -9223372036854776000 .. 9223372036854776000 ]
residual_level
integer <int64> [ -9223372036854776000 .. 9223372036854776000 ]

The risk level when all the extra measures are done. Automatically updated on Save, based on the chosen risk matrix

treatment
string (Treatment status)
Enum: "open" "mitigate" "accept" "avoid" "transfer"
  • open - Open
  • mitigate - Mitigate
  • accept - Accept
  • avoid - Avoid
  • transfer - Transfer
ref_id
string (Reference ID) <= 100 characters
strength_of_knowledge
integer <int64> [ -9223372036854776000 .. 9223372036854776000 ]

The strength of the knowledge supporting the assessment

justification
string or null <= 2000 characters
risk_assessment
required
string <uuid> (RiskAssessment)
operational_scenario
string or null <uuid>

EBIOS RM operational scenario that generated this risk scenario

risk_origin
string or null <uuid>
filtering_labels
Array of strings <uuid> (Labels) [ items <uuid > ]
assets
Array of strings <uuid> [ items <uuid > ]

Assets impacted by the risk scenario

vulnerabilities
Array of strings <uuid> [ items <uuid > ]

Vulnerabilities exploited by the risk scenario

applied_controls
Array of strings <uuid> [ items <uuid > ]
threats
Array of strings <uuid> [ items <uuid > ]
antecedent_scenarios
Array of strings <uuid> [ items <uuid > ]

Risk scenarios that precede this scenario

existing_applied_controls
Array of strings <uuid> (Existing Applied controls) [ items <uuid > ]
owner
Array of strings <uuid> [ items <uuid > ]
qualifications
Array of strings <uuid> [ items <uuid > ]
security_exceptions
Array of strings <uuid> [ items <uuid > ]

Responses

Request samples

Content type
{
  • "is_published": true,
  • "name": "string",
  • "description": "string",
  • "existing_controls": "string",
  • "inherent_proba": -9223372036854776000,
  • "inherent_impact": -9223372036854776000,
  • "inherent_level": -9223372036854776000,
  • "current_proba": -9223372036854776000,
  • "current_impact": -9223372036854776000,
  • "current_level": -9223372036854776000,
  • "residual_proba": -9223372036854776000,
  • "residual_impact": -9223372036854776000,
  • "residual_level": -9223372036854776000,
  • "treatment": "open",
  • "ref_id": "string",
  • "strength_of_knowledge": -9223372036854776000,
  • "justification": "string",
  • "risk_assessment": "200d4fa3-e804-434a-ac9d-f07e196be5a6",
  • "operational_scenario": "6a00d15d-410e-4f35-8391-8526d7bfb4ad",
  • "risk_origin": "b45084bd-937b-4ed1-97d5-7097be45d1a5",
  • "filtering_labels": [
    ],
  • "assets": [
    ],
  • "vulnerabilities": [
    ],
  • "applied_controls": [
    ],
  • "threats": [
    ],
  • "antecedent_scenarios": [
    ],
  • "existing_applied_controls": [
    ],
  • "owner": [
    ],
  • "qualifications": [
    ],
  • "security_exceptions": [
    ]
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "risk_matrix": "d6be139d-8169-4642-9d1a-53f73ea1eead",
  • "created_at": "2019-08-24T14:15:22Z",
  • "updated_at": "2019-08-24T14:15:22Z",
  • "is_published": true,
  • "name": "string",
  • "description": "string",
  • "existing_controls": "string",
  • "inherent_proba": -9223372036854776000,
  • "inherent_impact": -9223372036854776000,
  • "inherent_level": -9223372036854776000,
  • "current_proba": -9223372036854776000,
  • "current_impact": -9223372036854776000,
  • "current_level": -9223372036854776000,
  • "residual_proba": -9223372036854776000,
  • "residual_impact": -9223372036854776000,
  • "residual_level": -9223372036854776000,
  • "treatment": "open",
  • "ref_id": "string",
  • "strength_of_knowledge": -9223372036854776000,
  • "justification": "string",
  • "risk_assessment": "200d4fa3-e804-434a-ac9d-f07e196be5a6",
  • "operational_scenario": "6a00d15d-410e-4f35-8391-8526d7bfb4ad",
  • "risk_origin": "b45084bd-937b-4ed1-97d5-7097be45d1a5",
  • "filtering_labels": [
    ],
  • "assets": [
    ],
  • "vulnerabilities": [
    ],
  • "applied_controls": [
    ],
  • "threats": [
    ],
  • "antecedent_scenarios": [
    ],
  • "existing_applied_controls": [
    ],
  • "owner": [
    ],
  • "qualifications": [
    ],
  • "security_exceptions": [
    ]
}

risk_scenarios_partial_update

API endpoint that allows risk scenarios to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk scenario.

Request Body schema:
is_published
boolean (Published)
name
string <= 200 characters
description
string or null
existing_controls
string <= 2000 characters

The existing controls to manage this risk. Edit the risk scenario to add extra applied controls.

inherent_proba
integer <int64> (Inherent probability) [ -9223372036854776000 .. 9223372036854776000 ]
inherent_impact
integer <int64> [ -9223372036854776000 .. 9223372036854776000 ]
inherent_level
integer <int64> [ -9223372036854776000 .. 9223372036854776000 ]

The risk level if no measures are applied. Automatically updated on Save, based on the chosen risk matrix

current_proba
integer <int64> (Current probability) [ -9223372036854776000 .. 9223372036854776000 ]
current_impact
integer <int64> [ -9223372036854776000 .. 9223372036854776000 ]
current_level
integer <int64> [ -9223372036854776000 .. 9223372036854776000 ]

The risk level given the current measures. Automatically updated on Save, based on the chosen risk matrix

residual_proba
integer <int64> (Residual probability) [ -9223372036854776000 .. 9223372036854776000 ]
residual_impact
integer <int64> [ -9223372036854776000 .. 9223372036854776000 ]
residual_level
integer <int64> [ -9223372036854776000 .. 9223372036854776000 ]

The risk level when all the extra measures are done. Automatically updated on Save, based on the chosen risk matrix

treatment
string (Treatment status)
Enum: "open" "mitigate" "accept" "avoid" "transfer"
  • open - Open
  • mitigate - Mitigate
  • accept - Accept
  • avoid - Avoid
  • transfer - Transfer
ref_id
string (Reference ID) <= 100 characters
strength_of_knowledge
integer <int64> [ -9223372036854776000 .. 9223372036854776000 ]

The strength of the knowledge supporting the assessment

justification
string or null <= 2000 characters
risk_assessment
string <uuid> (RiskAssessment)
operational_scenario
string or null <uuid>

EBIOS RM operational scenario that generated this risk scenario

risk_origin
string or null <uuid>
filtering_labels
Array of strings <uuid> (Labels) [ items <uuid > ]
assets
Array of strings <uuid> [ items <uuid > ]

Assets impacted by the risk scenario

vulnerabilities
Array of strings <uuid> [ items <uuid > ]

Vulnerabilities exploited by the risk scenario

applied_controls
Array of strings <uuid> [ items <uuid > ]
threats
Array of strings <uuid> [ items <uuid > ]
antecedent_scenarios
Array of strings <uuid> [ items <uuid > ]

Risk scenarios that precede this scenario

existing_applied_controls
Array of strings <uuid> (Existing Applied controls) [ items <uuid > ]
owner
Array of strings <uuid> [ items <uuid > ]
qualifications
Array of strings <uuid> [ items <uuid > ]
security_exceptions
Array of strings <uuid> [ items <uuid > ]

Responses

Request samples

Content type
{
  • "is_published": true,
  • "name": "string",
  • "description": "string",
  • "existing_controls": "string",
  • "inherent_proba": -9223372036854776000,
  • "inherent_impact": -9223372036854776000,
  • "inherent_level": -9223372036854776000,
  • "current_proba": -9223372036854776000,
  • "current_impact": -9223372036854776000,
  • "current_level": -9223372036854776000,
  • "residual_proba": -9223372036854776000,
  • "residual_impact": -9223372036854776000,
  • "residual_level": -9223372036854776000,
  • "treatment": "open",
  • "ref_id": "string",
  • "strength_of_knowledge": -9223372036854776000,
  • "justification": "string",
  • "risk_assessment": "200d4fa3-e804-434a-ac9d-f07e196be5a6",
  • "operational_scenario": "6a00d15d-410e-4f35-8391-8526d7bfb4ad",
  • "risk_origin": "b45084bd-937b-4ed1-97d5-7097be45d1a5",
  • "filtering_labels": [
    ],
  • "assets": [
    ],
  • "vulnerabilities": [
    ],
  • "applied_controls": [
    ],
  • "threats": [
    ],
  • "antecedent_scenarios": [
    ],
  • "existing_applied_controls": [
    ],
  • "owner": [
    ],
  • "qualifications": [
    ],
  • "security_exceptions": [
    ]
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "risk_matrix": "d6be139d-8169-4642-9d1a-53f73ea1eead",
  • "created_at": "2019-08-24T14:15:22Z",
  • "updated_at": "2019-08-24T14:15:22Z",
  • "is_published": true,
  • "name": "string",
  • "description": "string",
  • "existing_controls": "string",
  • "inherent_proba": -9223372036854776000,
  • "inherent_impact": -9223372036854776000,
  • "inherent_level": -9223372036854776000,
  • "current_proba": -9223372036854776000,
  • "current_impact": -9223372036854776000,
  • "current_level": -9223372036854776000,
  • "residual_proba": -9223372036854776000,
  • "residual_impact": -9223372036854776000,
  • "residual_level": -9223372036854776000,
  • "treatment": "open",
  • "ref_id": "string",
  • "strength_of_knowledge": -9223372036854776000,
  • "justification": "string",
  • "risk_assessment": "200d4fa3-e804-434a-ac9d-f07e196be5a6",
  • "operational_scenario": "6a00d15d-410e-4f35-8391-8526d7bfb4ad",
  • "risk_origin": "b45084bd-937b-4ed1-97d5-7097be45d1a5",
  • "filtering_labels": [
    ],
  • "assets": [
    ],
  • "vulnerabilities": [
    ],
  • "applied_controls": [
    ],
  • "threats": [
    ],
  • "antecedent_scenarios": [
    ],
  • "existing_applied_controls": [
    ],
  • "owner": [
    ],
  • "qualifications": [
    ],
  • "security_exceptions": [
    ]
}
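A client-side pre-flight check for the risk scenario request bodies documented above (risk_scenarios_create, risk_scenarios_update and, with `partial=True`, risk_scenarios_partial_update, where no field is required). This is an added example, not part of CISO Assistant; the function and constant names are assumptions, and rejecting keys that are absent from the request schema is this example's choice, not documented server behaviour.

```python
import re

# Canonical 8-4-4-4-12 UUID text form.
UUID_RE = re.compile(r"[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}")
# Exact int64 bounds. The page prints them rounded (-9223372036854776000),
# and that rounded figure lies outside the real int64 range.
INT64_MIN, INT64_MAX = -2**63, 2**63 - 1
TREATMENTS = ("open", "mitigate", "accept", "avoid", "transfer")
REQUIRED = ("name", "risk_assessment")
# field -> (max length or None, nullable), as listed in the request body schema
STRINGS = {
    "name": (200, False), "description": (None, True),
    "existing_controls": (2000, False), "ref_id": (100, False),
    "justification": (2000, True),
}
INT64_FIELDS = (
    "inherent_proba", "inherent_impact", "inherent_level",
    "current_proba", "current_impact", "current_level",
    "residual_proba", "residual_impact", "residual_level",
    "strength_of_knowledge",
)
# field -> nullable
UUIDS = {"risk_assessment": False, "operational_scenario": True, "risk_origin": True}
UUID_LISTS = (
    "filtering_labels", "assets", "vulnerabilities", "applied_controls",
    "threats", "antecedent_scenarios", "existing_applied_controls",
    "owner", "qualifications", "security_exceptions",
)


def _is_uuid(value):
    return isinstance(value, str) and UUID_RE.fullmatch(value) is not None


def validate_risk_scenario(body, partial=False):
    """Return a list of schema violations; an empty list means the body passes."""
    errors = []
    if not partial:
        errors += [f"{f}: required" for f in REQUIRED if f not in body]
    for field, value in body.items():
        if field in STRINGS:
            max_len, nullable = STRINGS[field]
            if value is None:
                if not nullable:
                    errors.append(f"{field}: null not allowed")
            elif not isinstance(value, str):
                errors.append(f"{field}: must be a string")
            elif max_len is not None and len(value) > max_len:
                errors.append(f"{field}: longer than {max_len} characters")
        elif field in INT64_FIELDS:
            # bool is a subclass of int in Python, so exclude it explicitly.
            if isinstance(value, bool) or not isinstance(value, int):
                errors.append(f"{field}: must be an integer")
            elif not INT64_MIN <= value <= INT64_MAX:
                errors.append(f"{field}: outside int64 range")
        elif field in UUIDS:
            if value is None:
                if not UUIDS[field]:
                    errors.append(f"{field}: null not allowed")
            elif not _is_uuid(value):
                errors.append(f"{field}: not a UUID")
        elif field in UUID_LISTS:
            if not isinstance(value, list):
                errors.append(f"{field}: must be an array")
            else:
                errors += [f"{field}[{i}]: not a UUID"
                           for i, item in enumerate(value) if not _is_uuid(item)]
        elif field == "treatment":
            if value not in TREATMENTS:
                errors.append("treatment: not one of " + ", ".join(TREATMENTS))
        elif field == "is_published":
            if not isinstance(value, bool):
                errors.append("is_published: must be a boolean")
        else:
            # e.g. id, risk_matrix, created_at: they appear only in responses
            errors.append(f"{field}: not in the request schema")
    return errors


# Constructed sample bodies; the UUIDs are the placeholder values from the page's samples.
GOOD_BODY = {
    "name": "Ransomware on file server",
    "risk_assessment": "200d4fa3-e804-434a-ac9d-f07e196be5a6",
    "treatment": "mitigate",
    "current_proba": 2,
    "justification": None,
    "assets": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"],
}
BAD_BODY = {
    "name": "x" * 201,
    "treatment": "ignore",
    "current_proba": -9223372036854776000,  # rounded bound as printed in the samples
    "assets": ["not-a-uuid"],
    "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
}

if __name__ == "__main__":
    for problem in validate_risk_scenario(BAD_BODY):
        print(problem)
```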

risk_scenarios_destroy

API endpoint that allows risk scenarios to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk scenario.

Responses

risk_scenarios_cascade_info_retrieve

Cascade preview:

  • deleted: objects actually deleted by cascade
  • affected: objects not deleted but whose relationships will be removed (through rows, SET_NULL, local links)

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk scenario.

Responses

risk_scenarios_impact_retrieve

API endpoint that allows risk scenarios to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk scenario.

Responses

risk_scenarios_object_retrieve

API endpoint that allows risk scenarios to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk scenario.

Responses

risk_scenarios_probability_retrieve

API endpoint that allows risk scenarios to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk scenario.

Responses

risk_scenarios_strength_of_knowledge_retrieve

API endpoint that allows risk scenarios to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk scenario.

Responses

risk_scenarios_sync_to_actions_create

API endpoint that allows risk scenarios to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Risk scenario.

Responses

risk_scenarios_batch_action_create

Perform a batch action on multiple objects. Uses the IAM-filtered queryset and serializers to respect permissions and validation, mirroring the standard partial_update / destroy flows.

Payload: { "action": "delete"|"change_field"|"change_m2m"|"change_folder", "ids": [...], "field": "", "value": ... }

Authorizations:
knoxApiToken

Responses

risk_scenarios_count_per_level_retrieve

API endpoint that allows risk scenarios to be viewed or edited.

Authorizations:
knoxApiToken

Responses

risk_scenarios_default_ref_id_retrieve

API endpoint that allows risk scenarios to be viewed or edited.

Authorizations:
knoxApiToken

Responses

risk_scenarios_export_csv_retrieve

API endpoint that allows risk scenarios to be viewed or edited.

Authorizations:
knoxApiToken

Responses

risk_scenarios_export_xlsx_retrieve

API endpoint that allows risk scenarios to be viewed or edited.

Authorizations:
knoxApiToken

Responses

risk_scenarios_per_status_retrieve

API endpoint that allows risk scenarios to be viewed or edited.

Authorizations:
knoxApiToken

Responses

risk_scenarios_qualifications_count_retrieve

API endpoint that allows risk scenarios to be viewed or edited.

Authorizations:
knoxApiToken

Responses

risk_scenarios_treatment_retrieve

API endpoint that allows risk scenarios to be viewed or edited.

Authorizations:
knoxApiToken

Responses

threats

threats_list

Override the list method to inject optimized data into the serializer context.

Authorizations:
knoxApiToken
query Parameters
filtering_labels
Array of strings <uuid> [ items <uuid > ]
folder
Array of strings <uuid> [ items <uuid > ]
id
Array of strings <uuid> [ items <uuid > ]

Multiple values may be separated by commas.

library
Array of strings <uuid> [ items <uuid > ]
limit
integer

Number of results to return per page.

offset
integer

The initial index from which to return the results.

ordering
string

Which field to use when ordering the results.

provider
string
risk_scenarios
Array of strings <uuid> [ items <uuid > ]
search
string

A search term.

urn
string

Responses

Response samples

Content type
application/json
{
  • "count": 123,
  • "results": [
    ]
}

threats_create

API endpoint that allows threats to be viewed or edited.

Authorizations:
knoxApiToken
Request Body schema:
urn
string or null <= 255 characters
ref_id
string or null (Reference ID) <= 100 characters
provider
string or null <= 200 characters
name
string or null <= 200 characters
description
string or null
annotation
string or null
locale
string <= 100 characters
default_locale
boolean
is_published
boolean (Published)
folder
string <uuid>
library
string or null <uuid>
filtering_labels
Array of strings <uuid> (Labels) [ items <uuid > ]

Responses

Request samples

Content type
{
  • "urn": "string",
  • "ref_id": "string",
  • "provider": "string",
  • "name": "string",
  • "description": "string",
  • "annotation": "string",
  • "locale": "string",
  • "default_locale": true,
  • "is_published": true,
  • "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  • "library": "797da83b-59ce-49a1-b907-6b3b0f54a6f5",
  • "filtering_labels": [
    ]
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "created_at": "2019-08-24T14:15:22Z",
  • "updated_at": "2019-08-24T14:15:22Z",
  • "urn": "string",
  • "ref_id": "string",
  • "provider": "string",
  • "name": "string",
  • "description": "string",
  • "annotation": "string",
  • "locale": "string",
  • "default_locale": true,
  • "is_published": true,
  • "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  • "library": "797da83b-59ce-49a1-b907-6b3b0f54a6f5",
  • "filtering_labels": [
    ]
}

threats_retrieve

Return a single object with unauthorized related fields masked.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Threat.

Responses

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "string",
  • "description": "string",
  • "annotation": "string",
  • "path": "string",
  • "folder": "string",
  • "library": "string",
  • "filtering_labels": [
    ],
  • "created_at": "2019-08-24T14:15:22Z",
  • "updated_at": "2019-08-24T14:15:22Z",
  • "urn": "string",
  • "ref_id": "string",
  • "provider": "string",
  • "locale": "string",
  • "default_locale": true,
  • "is_published": true
}

threats_update

API endpoint that allows threats to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Threat.

Request Body schema:
urn
string or null <= 255 characters
ref_id
string or null (Reference ID) <= 100 characters
provider
string or null <= 200 characters
name
string or null <= 200 characters
description
string or null
annotation
string or null
locale
string <= 100 characters
default_locale
boolean
is_published
boolean (Published)
folder
string <uuid>
library
string or null <uuid>
filtering_labels
Array of strings <uuid> (Labels) [ items <uuid > ]

Responses

Request samples

Content type
{
  • "urn": "string",
  • "ref_id": "string",
  • "provider": "string",
  • "name": "string",
  • "description": "string",
  • "annotation": "string",
  • "locale": "string",
  • "default_locale": true,
  • "is_published": true,
  • "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  • "library": "797da83b-59ce-49a1-b907-6b3b0f54a6f5",
  • "filtering_labels": [
    ]
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "created_at": "2019-08-24T14:15:22Z",
  • "updated_at": "2019-08-24T14:15:22Z",
  • "urn": "string",
  • "ref_id": "string",
  • "provider": "string",
  • "name": "string",
  • "description": "string",
  • "annotation": "string",
  • "locale": "string",
  • "default_locale": true,
  • "is_published": true,
  • "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  • "library": "797da83b-59ce-49a1-b907-6b3b0f54a6f5",
  • "filtering_labels": [
    ]
}

threats_partial_update

API endpoint that allows threats to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Threat.

Request Body schema:
urn
string or null <= 255 characters
ref_id
string or null (Reference ID) <= 100 characters
provider
string or null <= 200 characters
name
string or null <= 200 characters
description
string or null
annotation
string or null
locale
string <= 100 characters
default_locale
boolean
is_published
boolean (Published)
folder
string <uuid>
library
string or null <uuid>
filtering_labels
Array of strings <uuid> (Labels) [ items <uuid > ]

Responses

Request samples

Content type
{
  • "urn": "string",
  • "ref_id": "string",
  • "provider": "string",
  • "name": "string",
  • "description": "string",
  • "annotation": "string",
  • "locale": "string",
  • "default_locale": true,
  • "is_published": true,
  • "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  • "library": "797da83b-59ce-49a1-b907-6b3b0f54a6f5",
  • "filtering_labels": [
    ]
}

Response samples

Content type
application/json
{
  "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  "created_at": "2019-08-24T14:15:22Z",
  "updated_at": "2019-08-24T14:15:22Z",
  "urn": "string",
  "ref_id": "string",
  "provider": "string",
  "name": "string",
  "description": "string",
  "annotation": "string",
  "locale": "string",
  "default_locale": true,
  "is_published": true,
  "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  "library": "797da83b-59ce-49a1-b907-6b3b0f54a6f5",
  "filtering_labels": [ ]
}

threats_destroy

API endpoint that allows threats to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Threat.

Responses

threats_cascade_info_retrieve

Cascade preview:

  • deleted: objects actually deleted by cascade
  • affected: objects not deleted but whose relationships will be removed (through rows, SET_NULL, local links)

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Threat.

Responses

threats_object_retrieve

API endpoint that allows threats to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this Threat.

Responses

threats_batch_action_create

Perform a batch action on multiple objects. Uses the IAM-filtered queryset and serializers to respect permissions and validation, mirroring the standard partial_update / destroy flows.

Payload: { "action": "delete"|"change_field"|"change_m2m"|"change_folder", "ids": [...], "field": "", "value": ... }

Authorizations:
knoxApiToken

Responses

threats_ids_retrieve

API endpoint that allows threats to be viewed or edited.

Authorizations:
knoxApiToken

Responses

threats_provider_retrieve

API endpoint that allows threats to be viewed or edited.

Authorizations:
knoxApiToken

Responses

threats_threats_count_retrieve

API endpoint that allows threats to be viewed or edited.

Authorizations:
knoxApiToken

Responses

vulnerabilities

vulnerabilities_list

Override the list method to inject optimized data into the serializer context.

Authorizations:
knoxApiToken
query Parameters
applied_controls
Array of strings <uuid> [ items <uuid > ]
assets
Array of strings <uuid> [ items <uuid > ]
filtering_labels
Array of strings <uuid> [ items <uuid > ]
findings
Array of strings <uuid> [ items <uuid > ]
folder
Array of strings <uuid> [ items <uuid > ]
id
Array of strings <uuid> [ items <uuid > ]

Multiple values may be separated by commas.

limit
integer

Number of results to return per page.

offset
integer

The initial index from which to return the results.

ordering
string

Which field to use when ordering the results.

risk_scenarios
Array of strings <uuid> [ items <uuid > ]
search
string

A search term.

security_exceptions
Array of strings <uuid> [ items <uuid > ]
severity
Array of integers
Items Enum: -1 0 1 2 3 4
  • -1 - undefined
  • 0 - info
  • 1 - low
  • 2 - medium
  • 3 - high
  • 4 - critical
status
Array of strings
Items Enum: "--" "exploitable" "fixed" "mitigated" "not_exploitable" "potential" "unaffected"
  • -- - Undefined
  • potential - Potential
  • exploitable - Exploitable
  • mitigated - Mitigated
  • fixed - Fixed
  • not_exploitable - Not exploitable
  • unaffected - Unaffected

Responses

Response samples

Content type
application/json
{}

vulnerabilities_create

API endpoint that allows vulnerabilities to be viewed or edited.

Authorizations:
knoxApiToken
Request Body schema:
required
name
required
string <= 200 characters
description
string or null
ref_id
string (Reference ID) <= 100 characters
status
string (StatusF6aEnum)
Enum: "--" "potential" "exploitable" "mitigated" "fixed" "not_exploitable" "unaffected"
  • -- - Undefined
  • potential - Potential
  • exploitable - Exploitable
  • mitigated - Mitigated
  • fixed - Fixed
  • not_exploitable - Not exploitable
  • unaffected - Unaffected
severity
integer [ -9223372036854776000 .. 9223372036854776000 ]
Enum: -1 0 1 2 3 4
  • -1 - undefined
  • 0 - info
  • 1 - low
  • 2 - medium
  • 3 - high
  • 4 - critical
folder
string <uuid>
filtering_labels
Array of strings <uuid> (Labels) [ items <uuid > ]
applied_controls
Array of strings <uuid> [ items <uuid > ]
assets
Array of strings <uuid> [ items <uuid > ]
security_exceptions
Array of strings <uuid> [ items <uuid > ]

Responses

Request samples

Content type
{
  "name": "string",
  "description": "string",
  "ref_id": "string",
  "status": "--",
  "severity": -1,
  "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  "filtering_labels": [ ],
  "applied_controls": [ ],
  "assets": [ ],
  "security_exceptions": [ ]
}

Response samples

Content type
application/json
{
  "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  "name": "string",
  "description": "string",
  "ref_id": "string",
  "status": "--",
  "severity": -1,
  "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  "filtering_labels": [ ],
  "applied_controls": [ ],
  "assets": [ ],
  "security_exceptions": [ ]
}

vulnerabilities_retrieve

Return a single object with unauthorized related fields masked.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this vulnerability.

Responses

Response samples

Content type
application/json
{
  "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  "path": "string",
  "folder": "string",
  "applied_controls": [ ],
  "assets": [ ],
  "filtering_labels": [ ],
  "security_exceptions": [ ],
  "severity": "string",
  "name": "string",
  "description": "string",
  "ref_id": "string",
  "status": "--"
}

vulnerabilities_update

API endpoint that allows vulnerabilities to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this vulnerability.

Request Body schema:
required
name
required
string <= 200 characters
description
string or null
ref_id
string (Reference ID) <= 100 characters
status
string (StatusF6aEnum)
Enum: "--" "potential" "exploitable" "mitigated" "fixed" "not_exploitable" "unaffected"
  • -- - Undefined
  • potential - Potential
  • exploitable - Exploitable
  • mitigated - Mitigated
  • fixed - Fixed
  • not_exploitable - Not exploitable
  • unaffected - Unaffected
severity
integer [ -9223372036854776000 .. 9223372036854776000 ]
Enum: -1 0 1 2 3 4
  • -1 - undefined
  • 0 - info
  • 1 - low
  • 2 - medium
  • 3 - high
  • 4 - critical
folder
string <uuid>
filtering_labels
Array of strings <uuid> (Labels) [ items <uuid > ]
applied_controls
Array of strings <uuid> [ items <uuid > ]
assets
Array of strings <uuid> [ items <uuid > ]
security_exceptions
Array of strings <uuid> [ items <uuid > ]

Responses

Request samples

Content type
{
  "name": "string",
  "description": "string",
  "ref_id": "string",
  "status": "--",
  "severity": -1,
  "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  "filtering_labels": [ ],
  "applied_controls": [ ],
  "assets": [ ],
  "security_exceptions": [ ]
}

Response samples

Content type
application/json
{
  "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  "name": "string",
  "description": "string",
  "ref_id": "string",
  "status": "--",
  "severity": -1,
  "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  "filtering_labels": [ ],
  "applied_controls": [ ],
  "assets": [ ],
  "security_exceptions": [ ]
}

vulnerabilities_partial_update

API endpoint that allows vulnerabilities to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this vulnerability.

Request Body schema:
name
string <= 200 characters
description
string or null
ref_id
string (Reference ID) <= 100 characters
status
string (StatusF6aEnum)
Enum: "--" "potential" "exploitable" "mitigated" "fixed" "not_exploitable" "unaffected"
  • -- - Undefined
  • potential - Potential
  • exploitable - Exploitable
  • mitigated - Mitigated
  • fixed - Fixed
  • not_exploitable - Not exploitable
  • unaffected - Unaffected
severity
integer [ -9223372036854776000 .. 9223372036854776000 ]
Enum: -1 0 1 2 3 4
  • -1 - undefined
  • 0 - info
  • 1 - low
  • 2 - medium
  • 3 - high
  • 4 - critical
folder
string <uuid>
filtering_labels
Array of strings <uuid> (Labels) [ items <uuid > ]
applied_controls
Array of strings <uuid> [ items <uuid > ]
assets
Array of strings <uuid> [ items <uuid > ]
security_exceptions
Array of strings <uuid> [ items <uuid > ]

Responses

Request samples

Content type
{
  "name": "string",
  "description": "string",
  "ref_id": "string",
  "status": "--",
  "severity": -1,
  "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  "filtering_labels": [ ],
  "applied_controls": [ ],
  "assets": [ ],
  "security_exceptions": [ ]
}

Response samples

Content type
application/json
{
  "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  "name": "string",
  "description": "string",
  "ref_id": "string",
  "status": "--",
  "severity": -1,
  "folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
  "filtering_labels": [ ],
  "applied_controls": [ ],
  "assets": [ ],
  "security_exceptions": [ ]
}
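
A pre-flight check for request bodies sent to vulnerabilities_create, vulnerabilities_update and vulnerabilities_partial_update, built from the field constraints listed for those operations. This is an added example, not code from the CISO Assistant project: the function name `validate_vulnerability` and the decision to report undocumented keys are assumptions of the example, and the server remains the authority on validation.

```python
import uuid

# Enums and limits copied from the request-body schema on this page.
STATUSES = {"--", "potential", "exploitable", "mitigated", "fixed",
            "not_exploitable", "unaffected"}
SEVERITIES = {-1, 0, 1, 2, 3, 4}
MAX_LEN = {"name": 200, "ref_id": 100}
UUID_LISTS = ("filtering_labels", "applied_controls", "assets",
              "security_exceptions")
KNOWN = {"name", "description", "ref_id", "status", "severity", "folder",
         *UUID_LISTS}


def _is_uuid(value):
    try:
        return isinstance(value, str) and uuid.UUID(value) is not None
    except ValueError:
        return False


def validate_vulnerability(body, partial=False):
    """Return a list of schema problems (empty = OK); partial=True is PATCH."""
    # Assumption of this example: unknown keys are reported to catch typos.
    errors = [f"{k}: not a documented field" for k in sorted(set(body) - KNOWN)]
    if not partial and "name" not in body:
        errors.append("name: required")
    for field, limit in MAX_LEN.items():
        value = body.get(field, "")
        if not isinstance(value, str):
            errors.append(f"{field}: must be a string")
        elif len(value) > limit:
            errors.append(f"{field}: longer than {limit} characters")
    if not isinstance(body.get("description"), (str, type(None))):
        errors.append("description: must be a string or null")
    status = body.get("status", "--")
    if not isinstance(status, str) or status not in STATUSES:
        errors.append("status: not in the documented enum")
    sev = body.get("severity", -1)
    # type() rather than isinstance(): bool is a subclass of int in Python.
    if type(sev) is not int or sev not in SEVERITIES:
        errors.append("severity: must be one of -1, 0, 1, 2, 3, 4")
    if "folder" in body and not _is_uuid(body["folder"]):
        errors.append("folder: must be a UUID string")
    for field in UUID_LISTS:
        items = body.get(field, [])
        if not isinstance(items, list) or not all(_is_uuid(i) for i in items):
            errors.append(f"{field}: must be an array of UUID strings")
    return errors
```

The severity check matters because the schema lists a 64-bit integer range next to the enum; a value such as 5 fits the range but is not one of the six documented levels.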

vulnerabilities_destroy

API endpoint that allows vulnerabilities to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this vulnerability.

Responses

vulnerabilities_cascade_info_retrieve

Cascade preview:

  • deleted: objects actually deleted by cascade
  • affected: objects not deleted but whose relationships will be removed (through rows, SET_NULL, local links)

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this vulnerability.

Responses

vulnerabilities_object_retrieve

API endpoint that allows vulnerabilities to be viewed or edited.

Authorizations:
knoxApiToken
path Parameters
id
required
string <uuid>

A UUID string identifying this vulnerability.

Responses

vulnerabilities_batch_action_create

Perform a batch action on multiple objects. Uses the IAM-filtered queryset and serializers to respect permissions and validation, mirroring the standard partial_update / destroy flows.

Payload: { "action": "delete"|"change_field"|"change_m2m"|"change_folder", "ids": [...], "field": "", "value": ... }

Authorizations:
knoxApiToken

Responses

vulnerabilities_sankey_data_retrieve

Returns vulnerability data structured for Sankey diagram: Folders -> Severity -> Status (as links)

Authorizations:
knoxApiToken

Responses

vulnerabilities_severity_retrieve

API endpoint that allows vulnerabilities to be viewed or edited.

Authorizations:
knoxApiToken

Responses

vulnerabilities_status_retrieve

API endpoint that allows vulnerabilities to be viewed or edited.

Authorizations:
knoxApiToken

Responses

vulnerabilities_treemap_data_retrieve

Returns vulnerability data structured for treemap visualization: Folders -> Severity -> Status

Authorizations:
knoxApiToken

Responses