Cases
- POSTCount cases by status
- POSTGet case statistics by severity
- POSTGet case statistics by category class
- GETGet weekly case counts
- GETGet example case for demonstration
- GETGet all detections for a case
- DELDelete a case
- PATCHUpdate case details
- POSTCalculate mean time to resolution
- POSTCalculate mean time to contain
- POSTReingest all detections for a case
- GETGet related cases
- GETGet threat indicators for a case
- POSTSearch and list cases
- POSTSubmit feedback for AI case summary
- GETGet active bulk jobs for current user
- GETGet bulk job status
- GETGet case by ID or SID
- POSTExport cases to CSV
- POSTBulk close cases
Integration
- POSTSearch integrations
- POSTSearch integration logs
- POSTGet daily integration log counts
- PUTAdd API key integration
- PUTAdd other integration type
- PUTAdd basic authentication integration
- POSTGet OAuth installation URL
- GETGet all integration configurations
- GETGet integration by ID
- DELDelete integration
- PATCHUpdate integration
- GETGet integration configuration by type
- GETHandle OAuth redirect
- POSTVerify JWT token
- GETHandle authenticated OAuth redirect
- POSTInvoke integration action
- GETHandle OAuth authenticated redirect
- GETGet webhook secret
- GETGet AWS remote API key
- PUTRegister AWS integration remotely
- POSTCheck integration entitlements
- GETVerify integration webhook
- POSTHandle integration webhook
- GETGet ConnectWise PSA configuration
- PUTUpdate ConnectWise PSA configuration
- GETGet ConnectWise companies
- GETGet ConnectWise boards
- GETGet board ticket types
- GETGet board ticket statuses
- GETGet ConnectWise priorities
- GETGet Jira configuration
- PUTUpdate Jira configuration
- GETGet Jira Cloud instances
- GETGet Jira projects
- GETGet Jira issue types
Asset
Users
Team
- POSTGet team statistics report
- POSTSwitch to a different team
- GETGet current team information
- PUTCreate a new team
- POSTSearch service provider teams
- DELDelete the current team and all associated data
- PATCHUpdate team information
- GETGet team by any UUID
- GETGet all teams
- POSTSearch team members
- POSTSearch system logs
- PUTAdd operating team
- DELRemove operating team
- PUTInvite user to team
- PUTResend invitation to user
- GETGet platform logos
- PUTUpload platform logo
- DELDelete platform logo
- PATCHReset default chat ops for a field
- DELRemove external user from team
- GETGet all team-level API keys
- PUTCreate a team-level API key
- DELDelete a team-level API key
Directory
- GETGet directory user by ID
- PATCHUpdate directory user
- POSTSearch directory users
- PUTAdd users to chat ops onboarding
- DELRemove user from chat ops onboarding
- PUTAdd users to chat ops onboarding
- DELRemove users from chat ops onboarding
- PUTAdd tag to directory user
- DELRemove tag from directory user
- GETGet VIP user count and change
- PUTCreate directory automation
- POSTSearch directory automations
- DELDelete directory automation
- PATCHUpdate directory automation
- POSTRefresh directory user data
Detection
- POSTGet detection statistics by severity
- POSTGet detection statistics by category class
- POSTGet detection chat ops statistics
- POSTGet noise reduction statistics over time
- POSTCalculate mean time to detect
- POSTCalculate mean time to verdict
- POSTSearch and list detections
- GETGet example detection for demonstration
- PUTCreate a custom detection
- POSTList custom detections
- DELDelete a custom detection
- PATCHUpdate a custom detection
- POSTReingest a detection
- GETGet detection by ID or SID
- GETGet AQL questions for detection
- DELDelete a detection
- PATCHUpdate detection details
- POSTExport detections to CSV
Bulk close cases
Copy
curl --request POST \
--url https://api.wirespeed.co/cases/bulk-close \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"verdict": "MALICIOUS",
"caseIds": [
"<string>"
],
"filter": {
"filter": "<string>",
"search": "<string>",
"statuses": [
"NEW"
],
"verdict": "MALICIOUS",
"severity": "INFORMATIONAL",
"onlyWasEscalated": true,
"onlyWasContained": true,
"onlyWasMobile": true,
"onlyChatOps": true,
"integrationPlatform": "aws",
"categoryClass": "ENDPOINT",
"category": "OTHER__DIAGNOSTIC",
"createdAt": {
"gt": "<string>",
"gte": "<string>",
"lt": "<string>",
"lte": "<string>"
}
},
"excludedCaseIds": [
"<string>"
]
}
'Copy
{
"jobId": "<string>",
"totalCount": 123
}Cases
Bulk close cases
POST
/
cases
/
bulk-close
Bulk close cases
Copy
curl --request POST \
--url https://api.wirespeed.co/cases/bulk-close \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"verdict": "MALICIOUS",
"caseIds": [
"<string>"
],
"filter": {
"filter": "<string>",
"search": "<string>",
"statuses": [
"NEW"
],
"verdict": "MALICIOUS",
"severity": "INFORMATIONAL",
"onlyWasEscalated": true,
"onlyWasContained": true,
"onlyWasMobile": true,
"onlyChatOps": true,
"integrationPlatform": "aws",
"categoryClass": "ENDPOINT",
"category": "OTHER__DIAGNOSTIC",
"createdAt": {
"gt": "<string>",
"gte": "<string>",
"lt": "<string>",
"lte": "<string>"
}
},
"excludedCaseIds": [
"<string>"
]
}
'Copy
{
"jobId": "<string>",
"totalCount": 123
}Authorizations
Bearer authentication header of the form Bearer <token>, where <token> is your auth token.
Body
application/json
Verdict to apply to all cases
Available options:
MALICIOUS, SUSPICIOUS, BENIGN Explicit list of case IDs to close
Filter to match cases (alternative to caseIds)
Show child attributes
Show child attributes
Case IDs to exclude when using filter mode
⌘I