Get all assets for a detection

GET

asset

detection

{id}

curl --request GET \
  --url https://api.wirespeed.co/asset/detection/{id} \
  --header 'Authorization: Bearer <token>'

{
  "endpoints": [
    {
      "id": "<string>",
      "displayName": "<string>",
      "teamId": "<string>",
      "edrSourceId": "<string>",
      "mdmSourceId": "<string>",
      "name": "<string>",
      "hva": true,
      "hvaOverriddenByUser": true,
      "createdAt": "<string>",
      "privateIpAddress": "<string>",
      "live": true,
      "operatingSystem": "<string>",
      "integrationId": {},
      "contained": true,
      "managed": true,
      "publicIPs": [
        {
          "ipv4": "<string>",
          "ipv6": "<string>",
          "metadata": {
            "ip": "<string>",
            "hostname": "<string>",
            "city": "<string>",
            "region": "<string>",
            "country": "<string>",
            "loc": "<string>",
            "postal": "<string>",
            "timezone": "<string>",
            "org": "<string>",
            "asn": {
              "asn": "<string>",
              "name": "<string>",
              "domain": "<string>",
              "route": "<string>",
              "type": "<string>"
            },
            "company": {
              "name": "<string>",
              "domain": "<string>",
              "type": "<string>"
            },
            "privacy": {
              "vpn": true,
              "proxy": true,
              "tor": true,
              "relay": true,
              "hosting": true,
              "service": "<string>"
            },
            "abuse": {
              "address": "<string>",
              "country": "<string>",
              "email": "<string>",
              "name": "<string>",
              "network": "<string>",
              "phone": "<string>",
              "ofac": true,
              "adversarial": true
            },
            "domains": {
              "ip": "<string>",
              "total": 123,
              "domains": [
                "<string>"
              ]
            },
            "ofac": true,
            "adversarial": true
          },
          "displayName": "<string>",
          "id": "<string>",
          "teamId": "<string>",
          "createdAt": "<string>",
          "updatedAt": "<string>",
          "locationId": "<string>",
          "metadataLastFetchedAt": "<string>",
          "known": true,
          "safe": true,
          "detectionSid": "<string>"
        }
      ],
      "workstation": true,
      "server": true,
      "mobile": true,
      "updatedAt": "<string>",
      "raw": {}
    }
  ],
  "directory": [
    {
      "id": "<string>",
      "displayName": "<string>",
      "teamId": "<string>",
      "enabled": true,
      "directoryId": "<string>",
      "name": "<string>",
      "phoneNumber": "<string>",
      "previousPhoneNumber": "<string>",
      "title": "<string>",
      "email": "<string>",
      "vip": true,
      "nhi": true,
      "financial": true,
      "technical": true,
      "managerDirectoryId": "<string>",
      "managerEmail": "<string>",
      "domain": "<string>",
      "department": "<string>",
      "createdAt": "<string>",
      "integrationId": {},
      "roles": [
        "<string>"
      ],
      "lastCredentialExposure": {},
      "credentialsExposed": true,
      "numberCredentialExposures": 123,
      "lastCheckedForCredentialExposures": {},
      "needsChatOpsWelcome": true,
      "contained": true,
      "username": "<string>",
      "containable": true,
      "smsConsentReceivedAt": {},
      "administrator": true,
      "updatedAt": "<string>",
      "passwordLastChangedAt": "<string>",
      "lastSignInAt": "<string>",
      "raw": {},
      "tags": [
        {
          "id": "<string>",
          "directoryUserId": "<string>",
          "tag": "VIP",
          "automationId": "<string>",
          "teamId": "<string>",
          "overriddenByUser": true,
          "enabled": true,
          "createdAt": "<string>"
        }
      ],
      "managed": true
    }
  ],
  "processes": [
    {
      "id": "<string>",
      "displayName": "<string>",
      "teamId": "<string>",
      "command": "<string>",
      "sha256": "<string>",
      "sha1": "<string>",
      "createdAt": "<string>"
    }
  ],
  "domains": [
    {
      "id": "<string>",
      "displayName": "<string>",
      "teamId": "<string>",
      "name": "<string>",
      "createdAt": "<string>"
    }
  ],
  "locations": [
    {
      "id": "<string>",
      "displayName": "<string>",
      "teamId": "<string>",
      "lat": "<string>",
      "lon": "<string>",
      "city": "<string>",
      "state": "<string>",
      "country": "<string>",
      "countryCode": "<string>",
      "continent": "<string>",
      "continentCode": "<string>",
      "createdAt": "<string>",
      "known": true,
      "safe": true,
      "detectionSid": "<string>"
    }
  ],
  "files": [
    {
      "id": "<string>",
      "displayName": "<string>",
      "teamId": "<string>",
      "lateStageTool": true,
      "remoteManagementTool": true,
      "malware": true,
      "cryptoMiner": true,
      "ransomware": true,
      "infoStealer": true,
      "benign": true,
      "name": "<string>",
      "path": "<string>",
      "sha256": "<string>",
      "sha1": "<string>",
      "toolName": "<string>",
      "createdAt": "<string>",
      "updatedAt": "<string>",
      "lastEnrichedAt": "<string>",
      "nameWithPath": "<string>",
      "liveOffTheLand": true,
      "nuisance": true,
      "fileRisk": "BENIGN",
      "metadata": {
        "threatNames": [
          {
            "name": "<string>",
            "engine": "<string>",
            "excluded": true
          }
        ],
        "lastScanTime": {},
        "story": "<string>",
        "versionInfo": [
          {
            "name": "<string>",
            "value": "<string>"
          }
        ],
        "proposedFileNames": [
          "<string>"
        ]
      },
      "enrichedViaIntegration": true
    }
  ],
  "ips": [
    {
      "ipv4": "<string>",
      "ipv6": "<string>",
      "metadata": {
        "ip": "<string>",
        "hostname": "<string>",
        "city": "<string>",
        "region": "<string>",
        "country": "<string>",
        "loc": "<string>",
        "postal": "<string>",
        "timezone": "<string>",
        "org": "<string>",
        "asn": {
          "asn": "<string>",
          "name": "<string>",
          "domain": "<string>",
          "route": "<string>",
          "type": "<string>"
        },
        "company": {
          "name": "<string>",
          "domain": "<string>",
          "type": "<string>"
        },
        "privacy": {
          "vpn": true,
          "proxy": true,
          "tor": true,
          "relay": true,
          "hosting": true,
          "service": "<string>"
        },
        "abuse": {
          "address": "<string>",
          "country": "<string>",
          "email": "<string>",
          "name": "<string>",
          "network": "<string>",
          "phone": "<string>",
          "ofac": true,
          "adversarial": true
        },
        "domains": {
          "ip": "<string>",
          "total": 123,
          "domains": [
            "<string>"
          ]
        },
        "ofac": true,
        "adversarial": true
      },
      "displayName": "<string>",
      "id": "<string>",
      "teamId": "<string>",
      "createdAt": "<string>",
      "updatedAt": "<string>",
      "locationId": "<string>",
      "metadataLastFetchedAt": "<string>",
      "known": true,
      "safe": true,
      "detectionSid": "<string>"
    }
  ],
  "userAgents": [
    {
      "id": "<string>",
      "userAgent": "<string>",
      "userAgentAlt": "<string>",
      "teamId": "<string>",
      "createdAt": "<string>",
      "displayName": "<string>",
      "browserName": "<string>",
      "browserVersion": "<string>",
      "browserMajorVersion": "<string>",
      "cpuArchitecture": "<string>",
      "deviceModel": "<string>",
      "deviceVendor": "<string>",
      "engineName": "<string>",
      "engineVersion": "<string>",
      "osName": "<string>",
      "osVersion": "<string>"
    }
  ]
}

Authorizations

Authorization

string

header

required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Path Parameters

string

required

Detection identifier

Response

200

application/json

The response is of type object.

Get all assets for a case Get asset counts by type

curl --request GET \
  --url https://api.wirespeed.co/asset/detection/{id} \
  --header 'Authorization: Bearer <token>'

{
  "endpoints": [
    {
      "id": "<string>",
      "displayName": "<string>",
      "teamId": "<string>",
      "edrSourceId": "<string>",
      "mdmSourceId": "<string>",
      "name": "<string>",
      "hva": true,
      "hvaOverriddenByUser": true,
      "createdAt": "<string>",
      "privateIpAddress": "<string>",
      "live": true,
      "operatingSystem": "<string>",
      "integrationId": {},
      "contained": true,
      "managed": true,
      "publicIPs": [
        {
          "ipv4": "<string>",
          "ipv6": "<string>",
          "metadata": {
            "ip": "<string>",
            "hostname": "<string>",
            "city": "<string>",
            "region": "<string>",
            "country": "<string>",
            "loc": "<string>",
            "postal": "<string>",
            "timezone": "<string>",
            "org": "<string>",
            "asn": {
              "asn": "<string>",
              "name": "<string>",
              "domain": "<string>",
              "route": "<string>",
              "type": "<string>"
            },
            "company": {
              "name": "<string>",
              "domain": "<string>",
              "type": "<string>"
            },
            "privacy": {
              "vpn": true,
              "proxy": true,
              "tor": true,
              "relay": true,
              "hosting": true,
              "service": "<string>"
            },
            "abuse": {
              "address": "<string>",
              "country": "<string>",
              "email": "<string>",
              "name": "<string>",
              "network": "<string>",
              "phone": "<string>",
              "ofac": true,
              "adversarial": true
            },
            "domains": {
              "ip": "<string>",
              "total": 123,
              "domains": [
                "<string>"
              ]
            },
            "ofac": true,
            "adversarial": true
          },
          "displayName": "<string>",
          "id": "<string>",
          "teamId": "<string>",
          "createdAt": "<string>",
          "updatedAt": "<string>",
          "locationId": "<string>",
          "metadataLastFetchedAt": "<string>",
          "known": true,
          "safe": true,
          "detectionSid": "<string>"
        }
      ],
      "workstation": true,
      "server": true,
      "mobile": true,
      "updatedAt": "<string>",
      "raw": {}
    }
  ],
  "directory": [
    {
      "id": "<string>",
      "displayName": "<string>",
      "teamId": "<string>",
      "enabled": true,
      "directoryId": "<string>",
      "name": "<string>",
      "phoneNumber": "<string>",
      "previousPhoneNumber": "<string>",
      "title": "<string>",
      "email": "<string>",
      "vip": true,
      "nhi": true,
      "financial": true,
      "technical": true,
      "managerDirectoryId": "<string>",
      "managerEmail": "<string>",
      "domain": "<string>",
      "department": "<string>",
      "createdAt": "<string>",
      "integrationId": {},
      "roles": [
        "<string>"
      ],
      "lastCredentialExposure": {},
      "credentialsExposed": true,
      "numberCredentialExposures": 123,
      "lastCheckedForCredentialExposures": {},
      "needsChatOpsWelcome": true,
      "contained": true,
      "username": "<string>",
      "containable": true,
      "smsConsentReceivedAt": {},
      "administrator": true,
      "updatedAt": "<string>",
      "passwordLastChangedAt": "<string>",
      "lastSignInAt": "<string>",
      "raw": {},
      "tags": [
        {
          "id": "<string>",
          "directoryUserId": "<string>",
          "tag": "VIP",
          "automationId": "<string>",
          "teamId": "<string>",
          "overriddenByUser": true,
          "enabled": true,
          "createdAt": "<string>"
        }
      ],
      "managed": true
    }
  ],
  "processes": [
    {
      "id": "<string>",
      "displayName": "<string>",
      "teamId": "<string>",
      "command": "<string>",
      "sha256": "<string>",
      "sha1": "<string>",
      "createdAt": "<string>"
    }
  ],
  "domains": [
    {
      "id": "<string>",
      "displayName": "<string>",
      "teamId": "<string>",
      "name": "<string>",
      "createdAt": "<string>"
    }
  ],
  "locations": [
    {
      "id": "<string>",
      "displayName": "<string>",
      "teamId": "<string>",
      "lat": "<string>",
      "lon": "<string>",
      "city": "<string>",
      "state": "<string>",
      "country": "<string>",
      "countryCode": "<string>",
      "continent": "<string>",
      "continentCode": "<string>",
      "createdAt": "<string>",
      "known": true,
      "safe": true,
      "detectionSid": "<string>"
    }
  ],
  "files": [
    {
      "id": "<string>",
      "displayName": "<string>",
      "teamId": "<string>",
      "lateStageTool": true,
      "remoteManagementTool": true,
      "malware": true,
      "cryptoMiner": true,
      "ransomware": true,
      "infoStealer": true,
      "benign": true,
      "name": "<string>",
      "path": "<string>",
      "sha256": "<string>",
      "sha1": "<string>",
      "toolName": "<string>",
      "createdAt": "<string>",
      "updatedAt": "<string>",
      "lastEnrichedAt": "<string>",
      "nameWithPath": "<string>",
      "liveOffTheLand": true,
      "nuisance": true,
      "fileRisk": "BENIGN",
      "metadata": {
        "threatNames": [
          {
            "name": "<string>",
            "engine": "<string>",
            "excluded": true
          }
        ],
        "lastScanTime": {},
        "story": "<string>",
        "versionInfo": [
          {
            "name": "<string>",
            "value": "<string>"
          }
        ],
        "proposedFileNames": [
          "<string>"
        ]
      },
      "enrichedViaIntegration": true
    }
  ],
  "ips": [
    {
      "ipv4": "<string>",
      "ipv6": "<string>",
      "metadata": {
        "ip": "<string>",
        "hostname": "<string>",
        "city": "<string>",
        "region": "<string>",
        "country": "<string>",
        "loc": "<string>",
        "postal": "<string>",
        "timezone": "<string>",
        "org": "<string>",
        "asn": {
          "asn": "<string>",
          "name": "<string>",
          "domain": "<string>",
          "route": "<string>",
          "type": "<string>"
        },
        "company": {
          "name": "<string>",
          "domain": "<string>",
          "type": "<string>"
        },
        "privacy": {
          "vpn": true,
          "proxy": true,
          "tor": true,
          "relay": true,
          "hosting": true,
          "service": "<string>"
        },
        "abuse": {
          "address": "<string>",
          "country": "<string>",
          "email": "<string>",
          "name": "<string>",
          "network": "<string>",
          "phone": "<string>",
          "ofac": true,
          "adversarial": true
        },
        "domains": {
          "ip": "<string>",
          "total": 123,
          "domains": [
            "<string>"
          ]
        },
        "ofac": true,
        "adversarial": true
      },
      "displayName": "<string>",
      "id": "<string>",
      "teamId": "<string>",
      "createdAt": "<string>",
      "updatedAt": "<string>",
      "locationId": "<string>",
      "metadataLastFetchedAt": "<string>",
      "known": true,
      "safe": true,
      "detectionSid": "<string>"
    }
  ],
  "userAgents": [
    {
      "id": "<string>",
      "userAgent": "<string>",
      "userAgentAlt": "<string>",
      "teamId": "<string>",
      "createdAt": "<string>",
      "displayName": "<string>",
      "browserName": "<string>",
      "browserVersion": "<string>",
      "browserMajorVersion": "<string>",
      "cpuArchitecture": "<string>",
      "deviceModel": "<string>",
      "deviceVendor": "<string>",
      "engineName": "<string>",
      "engineVersion": "<string>",
      "osName": "<string>",
      "osVersion": "<string>"
    }
  ]
}

Cases

Integration

Asset

Team

Users

Detection

Endpoint

Get all assets for a detection

Authorizations

Path Parameters

Response