PRIOn Logo

Introducing PRIOn Knowledge Base (KB) REST API


Unlocking KB's Full Potential with REST API Integration

Although utilizing KB's front-end interface offers a convenient experience, you can maximize its potential by incorporating the accessible REST API. This integration allows you to seamlessly connect KB with your in-house technology stack of choice, unlocking the full spectrum of its capabilities and providing a tailored, efficient solution that aligns with your specific needs and workflows. Whether it's data synchronization, automation, or custom feature development, the REST API empowers you to harness KB's functionality in a way that best serves your organization.

/
Cover Image for  Introducing PRIOn Knowledge Base (KB) REST API

While using KB’s front-end is quick and easy, to get the most value you can use the REST API that is available and integrate it with any in-house technology you like.

Our API is available under https://api.prio-n.com.

We also have our OpenAPI spec available under https://api.prio-n.com/docs.

KB API Data

CVE Information

Basic CVE information as it comes from MITRE CVE Project and National Vulnerability Database (NVD) Feeds. Including:

  • CVE ID

  • Title. When a title is not present in the original feed, PRIOn engine will generate one.

  • Description

  • Scores. Common Vulnerability Scoring System (CVSS) v2.x, v3.x

  • Affected Products

  • References

  • Common Weakness Enumeration (CWE) tags where present.

CVE Analysis – Classification

The information provided here comes from PRIOn KB engine analysis:

  • CISA Exploit Catalog. Returns true/false depending on whether the vulnerability is present into CISA’s most exploited catalog.

  • DISA STIG Mapping. Using Natural Language Processing (NLP) techniques the vulnerability is mapped to a particular Security Technical Implementation Guide (STIG)

  • Existence of public exploits. At the moment we check if a Metasploit module is available for the vulnerability.

  • Vulnerability Type Detection. Using Natural Language Processing (NLP) techniques the engine is able to identify the type of the vulnerability.

  • Security Framework Mapping:

    • OWASP Top 10. Check if the vulnerability type is included in the OWASP top 10. You can learn more about OWASP here

    • MITRE ATT&CK Mapping. Using Natural Language Processing (NLP) techniques the engine is able to map the vulnerability to the appropriate technique. You can learn more about MITRE ATT&CK framework here

    • MITRE Common Attack Pattern and Enumeration (CAPEC). Using Natural Language Processing (NLP) techniques the engine is able to map the vulnerability to specific attack patterns. You can learn more about MITRE CAPEC here

    • MITRE Top 25. Check if the vulnerability type is included in the MITRE Top 25.

API Keys

Before you can use the API you need to create valid credentials.

  1. Sign-in to your account under https://kb.prio-n.com. If you don’t have an account go ahead and create one, it’s free.

  2. From the user menu, navigate to API KEYS.

  3. Click the CREATE KEYS button. In a few seconds you should be presented with: a

    ‘client_id’ and a ‘client_secret’

IMPORTANT: Make sure you note down your ‘client_secret’ as it won’t be shown ever again

If you forget or simply wish to create a new set of API credentials:

  1. Sign-in to your account under https://kb.prio-n.com. From the user menu, navigate to

    API KEYS.

  2. Your existing API configuration and ‘cliend_id’ will be shown.

  3. Click the DELETE button to remove your credential set.

  4. Follow the creation process above to generate a new set of credentials.

Authentication

In order to authenticate to the KB API you need an access token. The API uses the client credentials authentication flow. You need to authenticate with the ‘client_id’ and ‘client_secret’ configured in the previous section in order to obtain a valid access token.

Obtaining an access token

You can obtain an access token with curl like below:

curl --request POST --url 'https://prion-kb.eu.auth0.com/oauth/token' --header 'content-type: application/x-www-form-urlencoded' --data ' audience=https://api.prio-n.com& grant_type=client_credentials& client_id=YOUR_CLIENT_ID& client_secret=YOUR_SECRET'

The JSON response will contain your access token along with a few other details like below:

{"access_token":"<YOUR_ACCESS_TOKEN>", "expires_in":86400, "token_type":"Bearer"}

Note: Your response will be slightly different.

Making a request

curl -X 'GET' 'https://api.prio-n.com/v1/vulns/<CVE_ID>' -H 'accept: application/json' -H 'Authorization: Bearer <YOUR_ACCESS_TOKEN>'

The JSON response will contain all data known to the KB for a specific CVE.

More Examples

More examples can be found under our Github repository here.


More from PRIOn

A Year in Review 2022

PRIOn Team
PRIOn Team
Cover Image for undefined