Ethiack Blog

Extended Capabilities for Ethiack’s API: What’s Changing

Written by André Baptista | 11/06/24 10:02

If you work in security, you know that information can get very decentralized. One platform for tickets, another for findings, another for tasks, and so on. Next thing you know, you’re spending your days doing busy work instead of actual security work.

Security teams often ask us how to best integrate our Automated Pentester with their internal ticket and vulnerability management software. Their goal is to centralize information from all their tools so they can work more efficiently. That’s why we’re launching extended capabilities for our API, allowing you to execute the core actions of our Portal through endpoints.

Here’s what’s changing.

The New Endpoints

We wanted to give you the ability to execute any action essential to your day-to-day security operations through the API, so integrating with internal tools is a breeze.

While before you could only submit findings and see ongoing events together with their scope, the new endpoints offer many more options. Here’s what you can expect:

  • Get all your findings;
  • List, add, and remove assets;
  • Add and verify domains;
  • List and manage events;
  • Get findings associated with an event;
  • List, get, and generate reports;
  • And a few other options.

As you can notice, these are the core features of our Automated Pentester. If you want to use other features, like the Assistant or the Retesting Button, you’ll have to access them through the Portal.

 

Who is this for?

We’ve expanded the API thinking about teams using their own vulnerability management solutions. This could be an internal dashboard for managing findings or a third-party tool. If you’re using Jira or Splunk, you don’t even need to use the API - we already have integrations built-in!

You could use the API to see findings associated with an asset, generate weekly reports, mark findings as patched, or even order a pizza to the office whenever a critical finding is fixed. The point is - now you have a lot more freedom!

 

Get Started

To start using the API, head over to the Settings page and grab your API credentials. You can explore the available endpoints here.


If you run into any questions, reach out to our team through the Live Chat in the Portal.