Extended Capabilities for Ethiack’s API: What’s Changing

Link copied!
André Batista

André Baptista

CTO

Ethiack

June 11, 2024

If you work in security, you know that information can get very decentralized. One platform for tickets, another for findings, another for tasks, and so on. Next thing you know, you’re spending your days doing busy work instead of actual security work.

Security teams often ask us how to best integrate our Automated Pentester with their internal ticket and vulnerability management software. Their goal is to centralize information from all their tools so they can work more efficiently. That’s why we’re launching extended capabilities for our API,allowing you to execute the core actions of our Portal through endpoints.

Here’s what’s changing.

The New Endpoints

We wanted to give you the ability to execute any action essential to your day-to-day security operations through the API, so integrating with internal tools is a breeze.

While before you could only submit findings and see ongoing events together with their scope, the new endpoints offer many more options. Here’s what you can expect:

  • Get all your findings;
  • List, add, and remove assets;
  • Add and verify domains;
  • List and manage events;
  • Get findings associated with an event;
  • List, get, and generate reports;
  • And a few other options.

As you can notice, these are the core features of our Automated Pentester. If you want to use other features, like the Assistant or the Retesting Button, you’ll have to access them through the Portal.

Who is this for?

We’ve expanded the API thinking about teams using their own vulnerability management solutions. This could be an internal dashboard for managing findings or a third-party tool. If you’re using Jira or Splunk, you don’t even need to use the API - we already have integrations built-in!

You could use the API to see findings associated with an asset, generate weekly reports, mark findings as patched, or even order a pizza to the office whenever a critical finding is fixed. The point is - now you have a lot more freedom!

Get Started

To start using the API, head over to the Settings page and grab your API credentials. You can explore the available endpoints here.

If you run into any questions, reach out to our team through the Live Chat in the Portal.

Don’t wait for the attack.

Secure Your Future with Ethiack

Try Ethiack

If you're still unsure convince yourself with a 30-day free trial. No obligation. Just testing.

signup(datetime.now());

def hello(self): print("We are ethical hackers")

class Ethiack: def continuous_vulnerability_discovery(self: Ethiack): self.scan_attack_surface() self.report_all_findings() def proof_of_exploit_validation(self: Ethiack): self.simulate_attack() self.confirm_exploitability() self.validate_impact()

while time.time() < math.inf: ethiack.map_attack_surface() ethiack.discover_vulnerabilities() ethiack.validate_exploits() ethiack.generate_mitigations() ethiack.calculate_risk() ethiack.notify_users() log.success("✓ Iteration complete")

>>> show_testimonials() They found vulnerabilities no one else did. Fast, real, and actionable results. It's like having a red team on call. >>> check_socials()

signup(datetime.now()) meet(ethiack)

def actionable_mitigation_guidance(ethiack): ethiack.generate_mitigation_steps() ethiack.prioritize_fixes() ethiack.support_teams() def attack_surface_management(ethiack): while time.time() < math.inf: ethiack.map_attack_surface() ethiack.monitor_changes() def quantifiable_risk_reduction(ethiack): ethiack.check_risk_metrics() ethiack.calculate_delta() return ethiack.report_real_risk()

Activate AI penTesting

Start a Free 30-day trial
Made by Büro
Ethiack — Autonomous Ethical Hacking for continuous security Continuous Attack Surface Management & Testing