API Reference

# Signature List

get https://api.picussecurity.com/v1/mitigation/devices//signatures

Signature List; Signature Id, Signature Name, Vendor Severity, Signature Category, Signature Version,
Description. Reference, Product Platform, Product Version

About

Mitigation Signature List Endpoint is designed to return action based signature suggestions as obtained under Picus platform > Mitigation > Vendor Based Mitigations. Vendor based mitigation device mitigations can be fetched using the endpoint.

Example

Get mitigation signatures -that are related to device with id 16- of actions with ids 13636, 13643.

curl --request GET \
     --url 'https://api.picussecurity.com/v1/mitigation/devices/16/signatures?action_ids=13636,13643' \
     --header 'Accept: application/json' \
     --header 'Authorization: Bearer access_token'

[
    {
        "id": 167065,
        "signature_id": "Some signature id",
        "name": "Malicious Binary.TC.mouuqr",
        "vendor_severity": "High",
        "signature_category": "",
        "signature_version": "Some signature version",
        "description": "",
        "reference": "",
        "product_platform": "Check Point NGX",
        "product_version": "R80.40"
    },
    {
        "id": 167515,
        "signature_id": "Some signature id",
        "name": "Injector.Win32.Runpe.TC.koj",
        "vendor_severity": "High",
        "signature_category": "",
        "signature_version": "Some signature version",
        "description": "",
        "reference": "",
        "product_platform": "Check Point NGX",
        "product_version": "R80.40"
    }
]

📘

Action Ids Filter

Required, Max 10 action ids can be filtered.

Language
Authorization
Header
Click Try It! to start a request and see the response here!