Custom fields help you to capture additional information or metadata needed for vulnerability tracking. Custom field definitions define a template for custom fields. Multiple custom fields can reference the same custom field definition data type but use different values. For example, you can create a Custom Field Definition named “Review Date”, which uses the “Date” data type. You can then use Review Date as a custom field for multiple vulnerabilities and set a distinct date value for each vulnerability.
Version 2.0 of the Cisco Vulnerability Management API includes the following Custom Field Definition endpoints:
- Show Custom Field Definition – allows you to fetch a custom field definition by its ID.
- Update Custom Field Definition – allows you to update a custom field definition.
- Delete Custom Field Definitions - allows you to delete a custom field definition by its ID.
- List Custom Field Definitions – allows you to get a list of custom field definitions.
- Create Custom Field Definition - allows you to create a custom field definition.
The v2 API Custom Field Definitions endpoints support both “vulnerability” and “finding” as custom field definition entity types. This allows you to take advantage of all the available custom field definition data types such as drop-down menus and attachments which weren't previously available in v1 of the API.
Note: The finding custom field definition entity type is applicable only for custom fields when you are using the Application Security Module (formerly Kenna.AppSec).
For more information about custom field definitions, refer to the API documentation, and the guide.
