added
Vulnerability Management: Vulnerability Intelligence Filters in Vulnerability Exports
4 days ago by Ben Bristow
Tenable has added new filters to the Export vulnerabilities endpoint to support Vulnerability Intelligence, a user interface feature that compares vulnerabilities in your environment with those in public databases and curated categories.
Apply the new filters to the Export vulnerabilities request body to start an export based on Vulnerability Intelligence criteria.
The following table describes the new filters:
| Filter | Data Type | Description |
|---|---|---|
cve_category | Array of Strings | Returns vulnerabilities that match the specified CVE category. For more information about categories, see Vulnerability Categories in the Tenable Vulnerability Management User Guide. |
cve_id | Array of Strings | Returns vulnerabilities matching the specified Common Vulnerabilities and Exposures (CVE) ID(s), for example CVE-2024-10289. |
exploit_maturity | Array of Strings | Returns vulnerabilities matching the specified exploit maturity. Tenable assigns exploit maturity values to vulnerabilities based on availability and sophistication of exploit code. |
resurfaced_date | String | Returns vulnerabilities that have resurfaced between the specified date and now. The date must be specified in Unix 10-digit time format (seconds). |
time_taken_to_fix | Integer | Returns vulnerabilities based on how long it took in seconds for your organization to issue a fix. Your export will only include vulnerabilities in the fixed state if this filter is included. |
vpr_threat_intensity | Array of Strings | Returns vulnerabilities matching the specified threat intensity, which is based on the number and frequency of recently observed threat events. |
weaponization | Array of Strings | Returns vulnerabilities matching the specified weaponization. Weaponized vulnerabilities are vulnerabilities that are ready for use in a particular type of cyberattack. |
Example: Vulnerability Intelligence filters
In the following example, the new filters are applied to the Export vulnerabilities request body:
curl --request POST \
--url https://cloud.tenable.com/vulns/export \
--header 'X-ApiKeys: accessKey=<YOURKEY>;secretKey=<YOURKEY>' \
--header 'accept: application/json' \
--header 'content-type: application/json' \
--data '
{
"num_assets": 50,
"include_unlicensed": false,
"filters": {
"time_taken_to_fix": 1209600,
"resurfaced_date": 1740672000,
"cve_id": [
"CVE-2024-10289"
],
"cve_category": [
"emerging threats"
],
"exploit_maturity": [
"high"
],
"vpr_threat_intensity": [
"very high"
],
"weaponization": [
"botnet"
]
}
}
'