StackHawk Documentation (HawkDocs)


Organization Findings

GET /api/v1/reports/org/{orgId}/findings

Get all findings for your organization as JSON or CSV (Comma-Separated Values).

Findings can be filtered by application UUIDs and/or environment names if supplied as query parameters.

Using the date query parameter you can return the findings for your apps and environments as of that point in time. If no date parameter is supplied, findings will be for the current date.

To retrieve findings in your desired format, use the Accept header to specify the media type.

Output format    Accept header
JSON             Accept: application/json
CSV              Accept: text/csv

Example

Return results as CSV

curl -s -H 'Accept: text/csv' -H "Authorization: Bearer $JWT_TOKEN" 'https://api.stackhawk.com/api/v1/reports/org/ea7dc269-e4c2-41d1-aced-823087ca3e1a/findings?pageSize=500&envs=Development'

scanId, applicationId, applicationName, environmentId, environmentName, status, findingPluginId, findingPluginName, findingRisk, findingUrl, findingMethod, findingEvidence, findingOtherInfo, findingDescription, findingFirstSeen, findingLastSeen
5e88b6f1-ab2a-43ce-8ca3-d72acda82de0, 85d1b3a5-4d27-46bc-ae53-28a5560199ad, JavaVulny, 0ecc65fe-64a6-45ef-b059-c710bee3155f, Development, NEW, 10038-1, Content Security Policy (CSP) Header Not Set, Medium, https://localhost:9000/payloads, GET, , , "Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page — covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.", 2022-04-01T17:27:35.558Z, 2024-03-02T23:07:19.796Z
5e88b6f1-ab2a-43ce-8ca3-d72acda82de0, 85d1b3a5-4d27-46bc-ae53-28a5560199ad, JavaVulny, 0ecc65fe-64a6-45ef-b059-c710bee3155f, Development, NEW, 10010, Cookie No HttpOnly Flag, Low, https://localhost:9000/login-code, GET, Set-Cookie: XLOGINID, , "A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.", 2024-03-01T23:14:50.768Z, 2024-03-02T23:09:33.409Z
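The request above, built programmatically, together with a parser for the CSV body it returns. This is an added example, not StackHawk's own client code; it assumes, as the curl example does, that the bearer token is in the JWT_TOKEN environment variable, and it uses urllib for HTTP. The sample CSV embedded in the block is constructed from the two rows shown above with the long descriptions shortened.

```python
"""Build a request to GET /api/v1/reports/org/{orgId}/findings and parse the
CSV body it returns. Added example, not StackHawk's own client code.
Assumptions (not on the reference page): the token lives in the JWT_TOKEN
environment variable, as in the curl example, and urllib is used for HTTP."""
import csv
import io
import os
from collections import Counter
from urllib.parse import urlencode
from urllib.request import Request

API_BASE = "https://api.stackhawk.com"
MEDIA_TYPES = {"json": "application/json", "csv": "text/csv"}


def build_findings_request(org_id, fmt="json", app_ids=None, envs=None,
                           date=None, datetime_=None, page_size=500,
                           page_token=0, token=None):
    """Return a urllib Request with the Accept header and query filters set."""
    if fmt not in MEDIA_TYPES:
        raise ValueError("fmt must be 'json' or 'csv'")
    params = {"pageSize": page_size, "pageToken": page_token}
    # appIds and envs are comma-delimited lists.
    if app_ids:
        params["appIds"] = ",".join(app_ids)
    if envs:
        params["envs"] = ",".join(envs)
    # datetime takes precedence over date, so only one of them is ever sent.
    if datetime_:
        params["datetime"] = datetime_
    elif date:
        params["date"] = date
    url = f"{API_BASE}/api/v1/reports/org/{org_id}/findings?{urlencode(params)}"
    token = token or os.environ.get("JWT_TOKEN", "")
    headers = {"Accept": MEDIA_TYPES[fmt], "Authorization": f"Bearer {token}"}
    return Request(url, headers=headers, method="GET")


def parse_findings_csv(text):
    """Turn the CSV body into a list of dicts keyed by the header row.
    skipinitialspace drops the space after each comma in the sample output."""
    reader = csv.reader(io.StringIO(text), skipinitialspace=True)
    rows = [r for r in reader if r]
    header = [h.strip() for h in rows[0]]
    return [dict(zip(header, (v.strip() for v in row))) for row in rows[1:]]


def risk_summary(findings):
    """Count findings per risk level, e.g. {'Medium': 1, 'Low': 1}."""
    return dict(Counter(f["findingRisk"] for f in findings))


# Constructed sample shaped like the CSV output above, descriptions shortened.
SAMPLE_CSV = """\
scanId, applicationId, applicationName, environmentId, environmentName, status, findingPluginId, findingPluginName, findingRisk, findingUrl, findingMethod, findingEvidence, findingOtherInfo, findingDescription, findingFirstSeen, findingLastSeen
5e88b6f1-ab2a-43ce-8ca3-d72acda82de0, 85d1b3a5-4d27-46bc-ae53-28a5560199ad, JavaVulny, 0ecc65fe-64a6-45ef-b059-c710bee3155f, Development, NEW, 10038-1, Content Security Policy (CSP) Header Not Set, Medium, https://localhost:9000/payloads, GET, , , "Content Security Policy (CSP) is an added layer of security, covering JavaScript, CSS, HTML frames, fonts, images and embeddable objects.", 2022-04-01T17:27:35.558Z, 2024-03-02T23:07:19.796Z
5e88b6f1-ab2a-43ce-8ca3-d72acda82de0, 85d1b3a5-4d27-46bc-ae53-28a5560199ad, JavaVulny, 0ecc65fe-64a6-45ef-b059-c710bee3155f, Development, NEW, 10010, Cookie No HttpOnly Flag, Low, https://localhost:9000/login-code, GET, Set-Cookie: XLOGINID, , "A cookie has been set without the HttpOnly flag, so script on the page can read it.", 2024-03-01T23:14:50.768Z, 2024-03-02T23:09:33.409Z
"""


def summarize_sample():
    """Parse the constructed sample and return (findings, risk summary)."""
    findings = parse_findings_csv(SAMPLE_CSV)
    return findings, risk_summary(findings)


if __name__ == "__main__":
    req = build_findings_request("ea7dc269-e4c2-41d1-aced-823087ca3e1a",
                                 fmt="csv", envs=["Development"])
    print(req.full_url, req.get_header("Accept"))
    findings, summary = summarize_sample()
    print(summary)
```

Because `datetime` takes precedence over `date`, the builder sends only one of the two; sending both merely hides which filter actually applied when you read the request back out of a log.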

Requires read:report permission.

Path parameters

orgId (string · uuid, required)

UUID identifier for this StackHawk Organization.

Query parameters

appIds (string[])

A comma-delimited list of UUID identifiers of StackHawk Applications.

envs (string[])

A comma-delimited list of environment names of StackHawk Applications to filter by.

date (string)

A date to get findings up to, in the format YYYY-MM-DD, e.g. 2024-06-14. The most recent findings up to the day will be returned.

datetime (string)

A datetime to get findings up to, in ISO-8601 format, e.g. 2024-06-14T10:30:45Z. The most recent findings up to the second, but not after the datetime supplied, will be returned. Takes precedence over the date parameter if both are provided.

pageSize (integer · int32)

Pagination response size limit.

default: 500

pageToken (integer · int32)

Pagination request page increment.

default: 0

Response

StackHawk DAST security findings results.

findings
reports.CurrentFindingRow[]

The list of security findings for the page of data requested.

findings.applicationId
string

The application UUID.

findings.applicationName
string

The application display name.

findings.cweId
string

The CWE ID of the plugin related to this finding.

findings.environmentId
string

The environment UUID.

findings.environmentName
string

The environment display name.

findings.findingDescription
string

The non-contextual finding plugin description.

findings.findingEvidence
string

The evidence, if any, related to this finding.

findings.findingFirstSeen
integer<int64>

The first time this finding was seen on this method and url combination as milliseconds since epoch.

findings.findingFirstSeenExcelFormat
string

The first time this finding was seen on this method and url combination in Excel format.

findings.findingFirstSeenISO8601
string

The first time this finding was seen on this method and url combination in ISO 8601 format.

findings.findingHash
string

The finding hash. Generated from the combination of path, method, parameters, pluginId, applicationId, environmentId.

findings.findingLastSeen
integer<int64>

The last time this finding was seen on this method and url combination as milliseconds since epoch.

findings.findingLastSeenExcelFormat
string

The last time this finding was seen on this method and url combination in Excel format.

findings.findingLastSeenISO8601
string

The last time this finding was seen on this method and url combination in ISO 8601 format.

findings.findingMethod
string

The HTTP request method of the finding.

findings.findingOtherInfo
string

More contextual information about the specific finding, if any, supplied by the finding plugin.

findings.findingPluginId
string

The finding plugin id.

findings.findingPluginName
string

The finding plugin display name.

findings.findingRisk
string

The finding plugin risk level.

findings.findingUrl
string

The url the finding was found on.

findings.remediationAdvice
string

The recommended solution for this finding.

findings.scanDuration
integer<int64>

The length of time the scan took, in seconds.

findings.scanDurationISO8601
string

A human-readable format for the scan duration.

findings.scanId
string

The scan UUID that found the finding.

findings.scanUserId
string

The user id of the scan that found the finding.

findings.scanUserName
string

The user name of the scan that found the finding.

findings.stackhawkPlatformLink
string

Absolute deep-link URL to this finding's detail page in the StackHawk platform. Format: https://<configured-platform-host>/scans/{scanId}/finding/{pluginId}/path/{uriId}/message/{messageId}

findings.status
enum<string>

The most recent triage status of this finding at the time of last seen.

4 available options: NEW, FALSE_POSITIVE, RISK_ACCEPTED, ASSIGNED
findings.team
string

The team name of the scan that found the finding.

totalFindings
integer<int32>

The total findings available for all pages.

Unauthorized (string)
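Walking the JSON form of this response page by page, using the pageToken and pageSize query parameters together with totalFindings, and then picking out the rows whose status is still NEW. This is an added example, not StackHawk's client code. It assumes two things the reference does not spell out: that pageToken is a zero-based page index advanced by one per request (the page calls it the "page increment" with default 0), and that iteration can stop once the number of rows received reaches totalFindings. The five-finding backend in the block is constructed so the paginator can be exercised offline.

```python
"""Walk every page of GET /api/v1/reports/org/{orgId}/findings (JSON) and
pull out the findings nobody has triaged yet. Added example, not StackHawk's
client code. Assumptions not stated on the page: pageToken is a zero-based
page index that advances by one per request, and iteration can stop once the
number of rows received reaches totalFindings."""
import json
from urllib.request import Request, urlopen


def http_fetch_page(org_id, token, page_token, page_size=500):
    """Fetch one JSON page from the live API (not used by the offline sample)."""
    url = (f"https://api.stackhawk.com/api/v1/reports/org/{org_id}/findings"
           f"?pageSize={page_size}&pageToken={page_token}")
    req = Request(url, headers={"Accept": "application/json",
                                "Authorization": f"Bearer {token}"})
    with urlopen(req) as resp:
        return json.load(resp)


def iter_all_findings(fetch_page, page_size=500, max_pages=10_000):
    """Yield findings from successive pages.

    fetch_page(page_token, page_size) must return the decoded response body
    with the documented ``findings`` and ``totalFindings`` keys."""
    page_token, received = 0, 0
    while page_token < max_pages:
        body = fetch_page(page_token, page_size)
        rows = body.get("findings", [])
        received += len(rows)
        yield from rows
        # Stop at the reported total, or on an empty page, so a total that
        # drifts between requests cannot cause an endless loop.
        if received >= body.get("totalFindings", 0) or not rows:
            break
        page_token += 1


def untriaged(findings):
    """Findings whose most recent triage status is still NEW."""
    return [f for f in findings if f.get("status") == "NEW"]


# Constructed sample: five findings served by a fake backend, two per page.
SAMPLE = [
    {"findingHash": "h0", "findingPluginName": "Content Security Policy (CSP) Header Not Set",
     "findingRisk": "Medium", "status": "NEW"},
    {"findingHash": "h1", "findingPluginName": "Cookie No HttpOnly Flag",
     "findingRisk": "Low", "status": "RISK_ACCEPTED"},
    {"findingHash": "h2", "findingPluginName": "Cookie No HttpOnly Flag",
     "findingRisk": "Low", "status": "NEW"},
    {"findingHash": "h3", "findingPluginName": "Content Security Policy (CSP) Header Not Set",
     "findingRisk": "Medium", "status": "FALSE_POSITIVE"},
    {"findingHash": "h4", "findingPluginName": "Cookie No HttpOnly Flag",
     "findingRisk": "Low", "status": "NEW"},
]


def make_fake_fetcher(sample):
    """Return (fetch_page, calls); calls records every pageToken requested."""
    calls = []

    def fetch_page(page_token, page_size):
        calls.append(page_token)
        start = page_token * page_size
        return {"findings": sample[start:start + page_size],
                "totalFindings": len(sample)}

    return fetch_page, calls


def collect_sample(page_size=2):
    """Drive the paginator over the fake backend; returns (findings, calls)."""
    fetch_page, calls = make_fake_fetcher(SAMPLE)
    return list(iter_all_findings(fetch_page, page_size=page_size)), calls


if __name__ == "__main__":
    findings, calls = collect_sample()
    print(f"{len(findings)} findings over {len(calls)} pages; "
          f"{len(untriaged(findings))} still NEW")
```

The fetcher is injected so the same loop serves both the live endpoint (via http_fetch_page with a partial application of org_id and token) and the offline sample; the empty-page check is what keeps the loop bounded if totalFindings changes while a scan is still writing results.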
