GET
/
v1
/
tenant
/
risks
List risks in a tenant
curl --request GET \
  --url https://{region}.api.plerion.com/v1/tenant/risks \
  --header 'Authorization: Bearer <token>'
{
  "data": [
    {
      "id": "<string>",
      "riskTypeId": "<string>",
      "organizationId": "<string>",
      "tenantId": "<string>",
      "integrationId": "<string>",
      "description": "<string>",
      "primaryAssetId": "<string>",
      "resolutions": [
        {
          "key": "<string>",
          "type": "<string>",
          "title": "<string>"
        }
      ],
      "score": 5,
      "likelihood": 5,
      "impact": 5,
      "severityLevel": "CRITICAL",
      "factors": [
        {
          "key": "<string>",
          "meta": {},
          "title": "<string>",
          "value": 123,
          "verificationState": "<string>",
          "description": "<string>"
        }
      ],
      "meta": {
        "assetName": "<string>",
        "resourceType": "<string>",
        "fullResourceName": "<string>"
      },
      "discoveredAt": "2023-11-07T05:31:56Z",
      "lifecycleState": "DISMISSED_ACCEPTED",
      "primaryAsset": {
        "schemaVersion": "2022-06-09",
        "id": "prn:assets:afeb4e5f-0370-4b43-8e37-7e4efc719358:aws:ec2:instance:ap-southeast-2:i-085a328dba59f229b",
        "organizationId": "dc16d897-7f52-4b73-be57-96c7c9a853da",
        "tenantId": "42749bc1-c99b-4c2c-a081-a6cda9370081",
        "integrationId": "458511a1-9bc2-4fce-97a0-0e3139588e6e",
        "executionId": 1675576960384,
        "provider": "AWS",
        "type": "AWS::EC2::Instance",
        "name": "i-085a328dba59f229b",
        "createdAt": "2023-02-04T06:07:09.092Z",
        "firstObservedAt": "2023-02-04T06:02:40.594Z",
        "lastObservedAt": "2023-02-05T06:02:40.384Z",
        "updatedAt": "2023-02-05T06:07:02.959Z",
        "tags": [
          {
            "Key": "Department",
            "Value": "Finance"
          }
        ],
        "isPubliclyExposed": false,
        "isVulnerable": false,
        "numberOfLowVulnerabilities": 85,
        "numberOfMediumVulnerabilities": 60,
        "numberOfHighVulnerabilities": 15,
        "numberOfCriticalVulnerabilities": 5,
        "vulnerabilityScore": 9,
        "hasKev": false,
        "hasExploit": false,
        "isExploitable": false,
        "isInVpc": false,
        "lastScanId": 1679594910265,
        "lastScannedAt": "2023-03-23T18:17:20.003Z",
        "imageId": "<string>",
        "platform": "<string>",
        "hasAdminPrivileges": false,
        "hasOverlyPermissivePrivileges": false,
        "hasAuthorizer": false,
        "hasTracingEnabled": false,
        "policy": {},
        "numberOfLowSecrets": 3,
        "numberOfMediumSecrets": 1,
        "numberOfHighSecrets": 0,
        "numberOfCriticalSecrets": 2,
        "lowSecrets": [
          {}
        ],
        "mediumSecrets": [
          {}
        ],
        "highSecrets": [
          {}
        ],
        "criticalSecrets": [
          {}
        ],
        "operatingSystem": [
          {
            "architecture": "x86_64",
            "name": "Ubuntu",
            "platform": "Linux/UNIX",
            "version": "24.04.2 LTS (Noble Numbat)",
            "versionId": 24.04,
            "activeKernel": "4.14.246-197.484.amzn2.x86_64",
            "buildNumber": "20348.fe_release.210507-1500",
            "lcuVersion": "10.0.20348.2762"
          }
        ],
        "riskScore": 9.36,
        "region": "us-east-1",
        "service": "AWS::EC2",
        "resourceId": "i-085a328dba59f229b",
        "resourceName": "test-instance",
        "resourceTags": [
          {
            "Key": "Public",
            "Value": true
          }
        ],
        "resourceType": "AWS::EC2::Instance",
        "fullResourceName": "arn:aws:iam::1111222233334444:policy/test-policy",
        "providerAccountId": 123456789012,
        "resourceURL": "https://us-east-1.console.aws.amazon.com/iam/home#/policies/arn:aws:iam::1111222233334444:policy/test-policy"
      },
      "integration": {
        "integrationId": "31497927-86af-4fba-afc6-c0cf2311a55b",
        "name": "Integration 001",
        "tenantId": "12345678-86af-4fba-afc6-c0cf12345678",
        "organizationId": "12345678-86af-4fba-afc6-c0cf87654321",
        "schedule": "59 6 * * *",
        "scanInterval": 24,
        "createdAt": "2023-02-04T06:07:09.092Z",
        "updatedAt": "2023-02-05T06:07:02.959Z",
        "provider": "AWS",
        "type": "AWSAccount",
        "detectionSettingId": "12345678-86af-4fba-afc6-c0cf87654321",
        "status": "Active",
        "riskScore": 8.19,
        "awsAccountId": "123456789012",
        "azureSubscriptionId": "12345678-1234-5678-1234-567812345678",
        "azureDirectoryId": "87654321-4321-8765-4321-876543218765",
        "gcpProjectId": "my-gcp-project"
      }
    }
  ],
  "meta": {
    "perPage": 100,
    "total": 200,
    "cursor": 100
  }
}

Authorizations

Authorization
string
header
required

Bearer API Key. For example, "Bearer {Tenant API Key}"

Headers

Authorization
string
required

Bearer API Key. For example, "Bearer {Tenant API Key}"

Query Parameters

ids
string

Filter by risk IDs. Accepts a comma-separated list.

fields
string

Select specific risk fields to include in the response. Only applies to risk properties. Accepts a comma-separated list of risk fields. Example fields: id, name, severityLevel, score

riskTypeIds
string

Filter by risk type IDs. Accepts a comma-separated list.

integrationIds
string

Filter by integration IDs. Accepts a comma-separated list.

primaryAssetIds
string

Filter by primary asset IDs. Accepts a comma-separated list.

severityLevels
enum<string>

Filter by severity levels. Accepts a comma-separated list.

Available options:
CRITICAL,
HIGH,
MEDIUM,
LOW
lifecycleStates
enum<string>

Filter by lifecycle states. Accepts a comma-separated list.

Available options:
DISMISSED_ACCEPTED,
DISMISSED_NOT_A_RISK,
OPEN
resourceTypes
string

Filter by resource types. Accepts a comma-separated list.

discoveredAtStart
string<date-time>

Start of the date range for filtering risks based on the discovered date. Specify the start of the range using a valid ISO 8601 date-time string. If discoveredAtStart is provided and discoveredAtEnd is omitted, results will include risks from this date to the present. Supported formats include: - yyyy-MM-ddTHH:mm:ssZ (e.g., 2025-02-18T08:00:00Z) - yyyy-MM-ddTHH:mm:ss.SSSZ (e.g., 2025-02-18T08:00:00.000Z)

discoveredAtEnd
string<date-time>

End of the date range for filtering risks based on the discovered date. Specify the end of the range using a valid ISO 8601 date-time string. If discoveredAtEnd is provided and discoveredAtStart is omitted, results will include risks up to this date. Supported formats include: - yyyy-MM-ddTHH:mm:ssZ (e.g., 2025-02-18T08:00:00Z) - yyyy-MM-ddTHH:mm:ss.SSSZ (e.g., 2025-02-18T08:00:00.000Z)

include
string

This parameter is for loading relationships in the risk response. Available options: - primaryAsset: includes the complete primary asset object for each risk - integration: includes the complete integration object for each risk

Example:

"primaryAsset,integration"

sortBy
enum<string>

Order the list by supported field. Can accept discoveredAt or score. The default is discoveredAt.

Available options:
discoveredAt,
score
Example:

"score"

sortOrder
enum<string>

The sort order of the list. Can accept asc or desc. The default is desc.

Available options:
asc,
desc
Example:

"desc"

cursor
string

Get the next batch of risks. Used for pagination.

Example:

"k3d83a9b-k3dk-5lkd-2ldk-9kd77c1beb6"

perPage
integer
default:100

Number of items per page

Required range: 1 <= x <= 100

Response

200
application/json

Risks list

The response is of type object.