While using KB’s front-end is quick and easy, to get the most value you can use the REST API that is available and integrate it with any in-house technology you like.
Our API is available under https://api.prio-n.com.
We also have our OpenAPI spec available under https://api.prio-n.com/docs.
KB API Data
Basic CVE information as it comes from MITRE CVE Project and National Vulnerability Database (NVD) Feeds. Including:
- CVE ID
- Title. When a title is not present in the original feed, PRIOn engine will generate one.
- Scores. Common Vulnerability Scoring System (CVSS) v2.x, v3.x
- Affected Products
- Common Weakness Enumeration (CWE) tags where present.
CVE Analysis – Classification
The information provided here comes from PRIOn KB engine analysis:
- CISA Exploit Catalog. Returns true/false depending on whether the vulnerability is present into CISA’s most exploited catalog.
- DISA STIG Mapping. Using Natural Language Processing (NLP) techniques the vulnerability is mapped to a particular Security Technical Implementation Guide (STIG)
- Existence of public exploits. At the moment we check if a Metasploit module is available for the vulnerability.
- Vulnerability Type Detection. Using Natural Language Processing (NLP) techniques the engine is able to identify the type of the vulnerability.
- Security Framework Mapping:
- OWASP Top 10. Check if the vulnerability type is included in the OWASP top 10. You can learn more about OWASP here.
- MITRE ATT&CK Mapping. Using Natural Language Processing (NLP) techniques the engine is able to map the vulnerability to the appropriate technique. You can learn more about MITRE ATT&CK framework here.
- MITRE Common Attack Pattern and Enumeration (CAPEC). Using Natural Language Processing (NLP) techniques the engine is able to map the vulnerability to specific attack patterns. You can learn more about MITRE CAPEC here.
- MITRE Top 25. Check if the vulnerability type is included in the MITRE Top 25.
Before you can use the API you need to create valid credentials.
- Sign-in to your account under https://kb.prio-n.com. If you don’t have an account go ahead and create one, it’s free.
- From the user menu, navigate to API KEYS.
- Click the CREATE KEYS button. In a few seconds you should be presented with: a ‘client_id’ and a ‘client_secret’.
IMPORTANT: Make sure you note down your ‘client_secret’ as it won’t be shown ever again
If you forget or simply wish to create a new set of API credentials:
- Sign-in to your account under https://kb.prio-n.com. From the user menu, navigate to API KEYS.
- Your already configured ‘cliend_id’ will be shown.
- Click the DELETE button to remove your credential set.
- Follow the creation process above to generate a new set of credentials.
In order to authenticate to the KB API you need an access token. The API uses the client credentials authentication flow. You need to authenticate with the ‘client_id’ and ‘client_secret’ configured in the previous section in order to obtain a valid access token.
Obtaining an access token
You can obtain an access token with curl like below:
curl --request POST --url 'https://prion-kb.eu.auth0.com/oauth/token' --header 'content-type: application/x-www-form-urlencoded' --data ' audience=https://api.prio-n.com& grant_type=client_credentials& client_id=YOUR_CLIENT_ID& client_secret=YOUR_SECRET'
The JSON response will contain your access token along with a few other details like below:
Note: Your response will be slightly different.
Making a request
curl -X 'GET' 'https://api.prio-n.com/v1/vulns/<CVE_ID>' -H 'accept: application/json' -H 'Authorization: Bearer <YOUR_ACCESS_TOKEN>'
The JSON response will contain all data known to the KB for a specific CVE.
More examples can be found under our Github repository here.