Includes Prevention and Detection result details
Prevention Result: Total Threats, Blocked/Not Blocked, Attacker Objectives Unachieved/Achieved Count
Detection Result: Logged/Not Logged, Alerted/Not Alerted Count
About
The Simulation Run Result endpoint returns detailed information about the latest simulation run, including Prevention and Detection result details.
The prevention result includes the blocked and not blocked threat counts and the achieved and unachieved attacker objective counts, as shown in the Picus Platform.
The detection analysis results are included if the simulation is enriched with detection. The detection analysis result includes log analysis and alert analysis, depending on the configuration and integration type.
Example
Get the simulation result for simulation ID 6068.
curl --request GET \
--url https://api.picussecurity.com/v1/simulations/6068/run/latest \
--header 'Accept: application/json' \
--header 'Authorization: Bearer access_token'
{
  "simulation_id": 6068,
  "simulation_run_id": 14993,
  "started_at": 1654793049799,
  "completed_at": 1654793202457,
  "template_id": 12,
  "status": "COMPLETED",
  "completion_ratio": 100,
  "status_details": {
    "prevention": {
      "total_threat_count": 2,
      "completed_threat_count": 1
    },
    "detection": {
      "total_threat_count": 2,
      "completed_threat_count": 0
    }
  },
  "results": {
    "prevention": {
      "security_score": 13,
      "threat": {
        "total_count": 3,
        "blocked_count": 1,
        "not_blocked_count": 2,
        "not_tested_count": 0
      },
      "attacker_objectives": {
        "total_count": 8,
        "unachived_count": 1,
        "achived_count": 7,
        "not_tested_count": 0
      }
    },
    "has_detection_analysis": true,
    "detection_analysis": {
      "security_score": 66,
      "has_log_analysis": true,
      "has_alert_analysis": true,
      "log": {
        "score": 33,
        "logged_threat_count": 1,
        "not_logged_threat_count": 2
      },
      "alert": {
        "score": 100,
        "alerted_threat_count": 3,
        "not_alerted_threat_count": 0
      },
      "integrations": [
        {
          "product_name": "Crowdstrike",
          "id": 110
        },
        {
          "product_name": "Sentinel One",
          "id": 134
        }
      ]
    }
  }
}
Get the simulation result for simulation ID 6069.
curl --request GET \
--url https://api.picussecurity.com/v1/simulations/6069/run/latest \
--header 'Accept: application/json' \
--header 'Authorization: Bearer access_token'
{
  "simulation_id": 6069,
  "simulation_run_id": 14994,
  "started_at": 1654793049799,
  "template_id": 12,
  "status": "RUNNING",
  "completion_ratio": 66,
  "status_details": {
    "prevention": {
      "total_threat_count": 6,
      "completed_threat_count": 4
    },
    "detection": {
      "total_threat_count": 0,
      "completed_threat_count": 0
    }
  }
}
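An added example (not part of the Picus documentation): a Python helper that reduces a run/latest response to the counts a defender triages first, namely threats that were not blocked, not logged and not alerted. The function name summarize_run and the trimmed sample payloads are constructed for illustration; treating every status other than COMPLETED as not final is an assumption based on the two responses above.

```python
import json

# Constructed samples, trimmed from the two responses shown on this page.
COMPLETED = json.loads("""{
  "simulation_id": 6068, "status": "COMPLETED", "completion_ratio": 100,
  "results": {
    "prevention": {
      "threat": {"total_count": 3, "blocked_count": 1,
                 "not_blocked_count": 2, "not_tested_count": 0},
      "attacker_objectives": {"total_count": 8, "unachived_count": 1,
                              "achived_count": 7, "not_tested_count": 0}},
    "has_detection_analysis": true,
    "detection_analysis": {
      "has_log_analysis": true, "has_alert_analysis": true,
      "log": {"score": 33, "logged_threat_count": 1, "not_logged_threat_count": 2},
      "alert": {"score": 100, "alerted_threat_count": 3, "not_alerted_threat_count": 0}}}
}""")
RUNNING = json.loads('{"simulation_id": 6069, "status": "RUNNING", "completion_ratio": 66}')


def summarize_run(run):
    """Reduce a run/latest response to the coverage gaps it reports."""
    summary = {"simulation_id": run["simulation_id"], "status": run["status"]}
    # The RUNNING response on this page carries no "results" object, so
    # report progress and stop instead of raising KeyError.
    results = run.get("results")
    if run["status"] != "COMPLETED" or results is None:
        summary["final"] = False
        summary["completion_ratio"] = run.get("completion_ratio")
        return summary
    summary["final"] = True
    prev = results["prevention"]
    # Field names keep the spelling the response uses ("achived_count").
    summary["not_blocked"] = prev["threat"]["not_blocked_count"]
    summary["objectives_achieved"] = prev["attacker_objectives"]["achived_count"]
    # Detection data is present only when the simulation is enriched with it.
    if results.get("has_detection_analysis"):
        det = results["detection_analysis"]
        if det.get("has_log_analysis"):
            summary["not_logged"] = det["log"]["not_logged_threat_count"]
        if det.get("has_alert_analysis"):
            summary["not_alerted"] = det["alert"]["not_alerted_threat_count"]
    return summary


if __name__ == "__main__":
    for run in (COMPLETED, RUNNING):
        print(summarize_run(run))
```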