GET
/
cases
/
example
Get example case for demonstration
curl --request GET \
  --url https://api.wirespeed.co/cases/example \
  --header 'Authorization: Bearer <token>'
{
  "id": "<string>",
  "sid": "<string>",
  "teamId": "<string>",
  "name": "<string>",
  "lastNotifiedClientAt": {},
  "status": "NEW",
  "createdAt": "<string>",
  "detectionSids": [
    "<string>"
  ],
  "testMode": true,
  "firstDetectionSourceIngestedAt": "<string>",
  "firstDetectionSourceDetectedAt": "<string>",
  "updatedAt": "<string>",
  "closedAt": "<string>",
  "logs": [
    {
      "log": "<string>",
      "timestamp": "<string>",
      "debug": true
    }
  ],
  "contained": true,
  "reingested": true,
  "verdict": "MALICIOUS",
  "title": "<string>",
  "categories": [
    "OTHER__DIAGNOSTIC"
  ],
  "excludeFromMeans": true,
  "verdictedAt": "<string>",
  "detectionCount": 123,
  "firstRun": true,
  "mttr": 123,
  "teamName": "<string>",
  "containsVIP": true,
  "containsHVA": true,
  "containsMobile": true,
  "externalTicketId": "<string>",
  "externalTicketIntegrationId": "<string>",
  "autoContained": true,
  "severity": "<string>",
  "severityOrdinal": 123,
  "respondedAt": "<string>",
  "platforms": [
    "<string>"
  ],
  "notes": "<string>",
  "clientNotified": true,
  "summary": "<string>"
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Response

200 - application/json
id
string
required

Unique identifier for the case

sid
string
required

Short identifier for the case

teamId
string
required

Team ID that owns this case

lastNotifiedClientAt
object
required

Timestamp when the case was last notified to the client

status
enum<string>
required

Current status of the case

Available options:
NEW,
PROCESSING,
ESCALATED,
HUNTING,
MONITORING,
CLOSED
createdAt
string
required

Timestamp when the case was created

detectionSids
string[]
required

Array of detection SIDs associated with this case

testMode
boolean
required

Whether this case is in test mode

firstDetectionSourceIngestedAt
string
required

Timestamp when first detection was ingested

firstDetectionSourceDetectedAt
string
required

Timestamp when first detection was detected by source

logs
object[]
required

Array of log entries for this case

contained
boolean
required

Whether the threat has been contained

reingested
boolean
required

Whether the case has been reingested

verdict
enum<string>
required

Verdict assigned to the case

Available options:
MALICIOUS,
SUSPICIOUS,
BENIGN
title
string
required

Title of the case based on categories and verdict

categories
enum<string>[]
required

Array of categories assigned to this case

excludeFromMeans
boolean
required

Whether to exclude this case from mean calculations

firstRun
boolean
required

Whether this is the first run of the detection

containsVIP
boolean
required

Whether case involves VIP users

containsHVA
boolean
required

Whether case involves high-value assets

containsMobile
boolean
required

Whether case involves mobile devices

severity
string
required

Severity level of the case

severityOrdinal
number
required

Numeric value of severity for sorting

name
string

Custom name for the case

updatedAt
string

Timestamp when the case was last updated

closedAt
string

Timestamp when the case was closed

verdictedAt
string

Timestamp when verdict was assigned

detectionCount
number

Number of detections in this case

mttr
number

Mean time to respond in seconds

teamName
string

Name of the team that owns this case

externalTicketId
string

External ticket ID from ticketing system integration

externalTicketIntegrationId
string

ID of integration used for external ticket

autoContained
boolean

Whether threat was automatically contained

respondedAt
string

Timestamp when case was responded to

platforms
string[]

Array of integration platforms involved

notes
string

Notes or comments about the case

clientNotified
boolean

Whether client has been notified about this case

summary
string

AI-generated summary of the case