GET https://api.picussecurity.com/v1/simulations//run/latest/threats
Includes Threat, Attacker's Objective, Action results for Prevention and Threat, Action results for Detection.
Default limit: 10, Default offset: 0
Max limit: 50
About
The Simulation Run Result - Threats - Objectives - Actions endpoint returns simulation results grouped by threat. It includes threats with their prevention and detection results, attacker's objectives with their prevention and detection results, and actions with their detection results, as shown in the Picus Platform.
Example
Get the threat-objective-action results for simulation ID 1 with a page size of 2, page 2:
curl --request GET \
     --url 'https://api.picussecurity.com/v1/simulations/1/run/latest/threats?limit=2&offset=2' \
     --header 'Accept: application/json' \
     --header 'Authorization: Bearer access_token'
{
  "threats": [
    {
      "threat_id": 4168,
      "threat_name": "Mimikatz",
      "started_at": 1654793193000,
      "completed_at": 1654793197000,
      "prevention": "unblocked",
      "objectives": [
        {
          "objective_id": 5165,
          "objective_name": "Initial Access",
          "prevention": "achieved",
          "actions": [
            {
              "action_id": 2421,
              "action_name": "Execute Mimikatz DPAPI module",
              "prevention": "unblocked",
              "node_id": 2,
              "has_detection_analysis": true,
              "detection_analysis": {
                "has_log_analysis": true,
                "has_alert_analysis": true,
                "log_result": "Not Logged",
                "alert_result": "Alerted",
                "integrations": [
                  {
                    "integration_id": 110,
                    "product_name": "Crowdstrike",
                    "has_log_analysis": false,
                    "has_alert_analysis": true,
                    "alert_result": "Not Alerted"
                  },
                  {
                    "integration_id": 134,
                    "product_name": "Sentinel One",
                    "has_log_analysis": true,
                    "has_alert_analysis": true,
                    "log_result": "Not Logged",
                    "alert_result": "Alerted"
                  }
                ]
              }
            }
          ]
        }
      ],
      "has_detection_analysis": true,
      "detection_analysis": {
        "has_log_analysis": true,
        "has_alert_analysis": true,
        "log_result": "Not Logged",
        "alert_result": "Alerted",
        "integrations": [
          {
            "integration_id": 133,
            "product_name": "Elasticsearch SIEM",
            "has_log_analysis": true,
            "has_alert_analysis": true
          },
          {
            "integration_id": 134,
            "product_name": "Sentinel One",
            "has_log_analysis": true,
            "has_alert_analysis": true,
            "log_result": "Not Logged",
            "alert_result": "Alerted"
          },
          {
            "integration_id": 110,
            "product_name": "Crowdstrike",
            "has_log_analysis": false,
            "has_alert_analysis": true,
            "alert_result": "Not Alerted"
          }
        ]
      }
    }
  ],
  "pages": {
    "total_count": 3,
    "limit": 2,
    "offset": 2
  }
}
Pagination
Default Limit: 10, Max Limit: 50
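An added example (not part of the Picus documentation) that walks every page with limit/offset and lists unblocked actions an integration reported as "Not Logged" or "Not Alerted". It assumes offset counts threats skipped; `fetch_page`, `fake_fetch`, `_threat` and the `SAMPLE` data are hypothetical and constructed so the block runs offline.

```python
# Added example, not Picus code; helper names and SAMPLE data are constructed.

def iter_threats(fetch_page, limit=50):
    """Yield every threat; fetch_page(limit, offset) returns one decoded page."""
    # Assumption: offset counts threats skipped (limit=2, offset=2 is page 2).
    limit, offset = min(limit, 50), 0  # 50 is the documented max limit
    while True:
        page = fetch_page(limit, offset)
        threats = page.get("threats", [])
        yield from threats
        offset += len(threats)
        if not threats or offset >= page["pages"]["total_count"]:
            return

def detection_gaps(threat):
    """Return (action, product, missed) for unblocked actions a product missed."""
    gaps = []
    for objective in threat.get("objectives", []):
        for action in objective.get("actions", []):
            if action.get("prevention") != "unblocked":
                continue
            analysis = action.get("detection_analysis") or {}
            for integ in analysis.get("integrations", []):
                # Result keys may be absent (see "Elasticsearch SIEM"), hence .get().
                missed = [kind for kind, key, bad in (
                    ("log", "log_result", "Not Logged"),
                    ("alert", "alert_result", "Not Alerted")) if integ.get(key) == bad]
                if missed:
                    gaps.append((action["action_name"], integ["product_name"], missed))
    return gaps

def _threat(tid, integrations):  # builds one constructed threat record
    action = {"action_name": f"action-{tid}", "prevention": "unblocked",
              "detection_analysis": {"integrations": integrations}}
    return {"threat_id": tid, "objectives": [{"actions": [action]}]}

SAMPLE = [
    _threat(1, [{"product_name": "Crowdstrike", "alert_result": "Not Alerted"}]),
    _threat(2, [{"product_name": "Elasticsearch SIEM", "has_log_analysis": True}]),
    _threat(3, [{"product_name": "Sentinel One", "log_result": "Not Logged",
                 "alert_result": "Alerted"}]),
]

def fake_fetch(limit, offset):  # offline stand-in for the GET request
    return {"threats": SAMPLE[offset:offset + limit],
            "pages": {"total_count": len(SAMPLE), "limit": limit, "offset": offset}}
```

To run this against the live endpoint, pass a `fetch_page` that issues the GET request shown above with the given `limit` and `offset` and returns the decoded JSON body.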