Security-Monitoring:Remediation Open API Specification - FIWARE Forge Wiki

Security-Monitoring:Remediation Open API Specification

From FIWARE Forge Wiki


Introduction to the Remediation API

Remediation API Core

This document describes the available interface and presents the adapters used by the Remediation Application.

The Remediation Application allows a security operator to list all the attack paths present in a system, select one, and remediate it. More details about this process can be found in FIWARE.OpenSpecification.Security.SecurityMonitoring#Remediation. The RESTful API offers the same functionality without requiring the web UI.

Intended Audience

This document is addressed to software architects and developers, and to operators of the Remediation Application.

API Change History

This version of the Remediation Application API Guide replaces all previous versions and makes them obsolete. The most recent changes are described in the table below:

Revision Date | Changes Summary
April, 2013   | V1.0, first release

How to Read This Document

Throughout the document, special notations are used to distinguish certain words or concepts. The following list summarizes these notations:

  • A bold, mono-spaced font is used to represent a module.
  • An italic font is used to represent an example.

General Remediation API Information

A RESTful API is also provided for interacting with the Remediation Application. The features it offers are described below.

Load topological data from the CMDB and generate the attack graph

This function loads the attack graph and attack path information. It must complete successfully before any of the functions below can be called.

  • URL: /attack_paths/initialize
  • Return format: HTTP code 200 if loading succeeded; otherwise the errors are returned

Get the attack graph

Function used to get the whole attack graph.

  • URL: /attack_paths/attack_graph/
  • Return format: XML : The Attack graph in MulVAL output format

List all attack paths

Function used to get a list of all the attack paths.

  • URL: /attack_paths/list
  • Return format: XML : The list of attack paths in XML

Get the attack path {id}

Function used to get a chosen attack path.

  • URL: /attack_paths/{id}/
  • Return format: XML : A ranked attack path in XML

Get the remediations for attack path {id}

Function used to get the remediations for a chosen attack path.

  • URL: /attack_paths/{id}/remediations
  • Return format: XML : The possible remediations for the attack path {id}, sorted by estimated cost
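
The following client sketch is an added example, not code from the Remediation Application. It wraps the five endpoints above and enforces the rule that /attack_paths/initialize must succeed first. The use of plain GET requests, the base URL, the allowed {id} characters and the refusal of DTDs in responses are assumptions, since this page does not specify them.

```python
import re
import urllib.error
import urllib.request
import xml.etree.ElementTree as ET

ID_RE = re.compile(r"[A-Za-z0-9_-]+")  # assumed id alphabet; the page does not define it


def http_get(url):
    """Default transport, returns (status, body). Plain GET is an assumption."""
    try:
        with urllib.request.urlopen(url, timeout=30) as resp:
            return resp.status, resp.read()
    except urllib.error.HTTPError as err:
        return err.code, err.read()


class RemediationClient:
    def __init__(self, base_url, transport=http_get):
        self.base = base_url.rstrip("/")
        self.transport = transport
        self.initialized = False

    def initialize(self):
        """Must return HTTP 200 before any other endpoint is used."""
        status, body = self.transport(self.base + "/attack_paths/initialize")
        self.initialized = status == 200
        if not self.initialized:
            raise RuntimeError(f"initialize failed, HTTP {status}: {body[:200]!r}")

    def _get_xml(self, path):
        if not self.initialized:
            raise RuntimeError("initialize() has not succeeded yet")
        status, body = self.transport(self.base + path)
        if status != 200:
            raise RuntimeError(f"{path} returned HTTP {status}")
        if b"<!DOCTYPE" in body.upper():  # refuse DTDs (entity expansion) before parsing
            raise ValueError("response contains a DTD")
        return ET.fromstring(body)

    def _path(self, path_id, suffix=""):
        if not ID_RE.fullmatch(str(path_id)):  # keep {id} from altering the URL path
            raise ValueError(f"unexpected attack path id: {path_id!r}")
        return f"/attack_paths/{path_id}/{suffix}"

    def attack_graph(self):
        return self._get_xml("/attack_paths/attack_graph/")

    def list_paths(self):
        return self._get_xml("/attack_paths/list")

    def attack_path(self, path_id):
        return self._get_xml(self._path(path_id))

    def remediations(self, path_id):
        return self._get_xml(self._path(path_id, "remediations"))
```

Passing a different `transport` callable lets the client be exercised against canned responses without a running server.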