Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1149
Views
10
Helpful
1
Replies

PSIRT OpenVuln API Access Info

JamesMitchell58067
Level 1
Level 1

‎10-03-2019 03:46 PM

Hi all,

 

I ran the access thing into the ground with support earlier. Essentially you need a Partner contract and they're looking into it.

I recommend you reach out to psirt@cisco.com with questions but you'll have to push past their first responses to check the docs.

 

I'm very much looking forward to hearing back from them.

 

The entire conversation is below.

 

James:
	As I said in another email I just sent, I've contacted both of our PoC for the OpenVuln API. One of them is OOF until Wednesday next week. The other one is traveling with limited access to email. So I'll relay their answer to you once I have it myself.
	There is a page on cisco.com on how to become a Cisco partner. To be honest, we here at PSIRT are in the support side of the house, so I don't know myself what the steps would be. I would at this time recommend for you to wait to hear from us before going down that path.
	Thanks,
	Dario


On 10/3/19, 6:22 PM, "James M" <james@email.com.com> wrote:
    Dario,
    Again appreciate the help. How will I hear back about this regarding the other contracts?
    In the mean time also, who do I talk to about getting a partner service contract?
    James M
    Software Engineer
    Security
    
    
    On 10/3/19, 3:20 PM, "James M" <james@email.com.com> wrote:
        Thanks for helping me and Scott out with this Dario. Just for some other points of clarification, the instructions in the 'Getting Started Page' are inadequate. See what I was going to send Scott below:
        Following the docs - it tells you to create a new application. I did. It then says create an application and register the API with it. I don’t see the PSIRT openvuln api though. I then clicked on FAQ and looked at the question – ‘What if I don’t see my API?’ It tells me to look in the myAPIs tab – but I also don’t see it there!
        Appreciate the help and I’m looking forward to getting this solved. Here’s the list of APIs I do see:
        Select APIs
        ADAP API
        AIRA Search API
        Alerts 2.0
        bci-aci
        bci-alerts
        bci-collab
        bci-common
        bci-compliance
        bci-config
        bci-cp-api
        bci-ctac
        bci-custom-config
        bci-fp
        bci-inventory
        bci-software
        bci-syslog
        Business Verification API
        CCW Config - POE
        CCWR Quote API
        CCWR Quote API - POE
        CEEM API
        Cisco Carlsbad IT Dev
        Cisco Carlsbad IT QA
        Cisco Carlsbad IT Stage
        CiscoITMeraki API
        Cisco on Demand API - CSWORD
        Cisco On Demand CHIDS API
        Cisco On Demand CSWDMS POE API
        CoDE API
        Collections 2.0
        Conformance 2.0
        Contracts 2.0
        Copy of SBP Service Orchestration API - POE
        csapi Inventory POE API
        CSW PAK Lookup Api
        Cust-PortalPlatform-POE
        Customer 2.0
        Customer Success Central API - POE
        DAAS API
        Datafoundation
        Datafoundation-POE
        DCL DS API
        DCL DS API - Internal
        DCL DS API - Internal - POE
        DCL DS API - POE
        DCP Services
        DF Intransit API - POE
        Doc Central Webservices API
        DocCentral Webservices API - POE
        DocExchange Caching API
        DocExchange Webservices API
        DS Services
        Edna ChatBot API
        emsAPI
        Entitlement Base - Wrapper services
        Entitlement Base - Wrapper services - POE
        ePortal Scorecard
        Hello API
        HelloCommerce API
        HMP API
        IMR GATEWAY API
        Inventory 2.0
        Iron Bank API
        LCA
        LCA POE
        NGI API
        orgstats API
        PAL Services POE
        Pdaf TPS case update
        platform-api
        platform-api - POE
        platform-apps-api
        platform-apps-api - POE
        PROTOBUILDDATA
        SBP Service Orchestration API - POE
        SBP Service Orchestration API - PROD
        SBP Service Orchestration APIs
        SBP SUML
        SBP SUML API - POE
        SearchIHN
        STO Dashboard
        STO Policy Exception Portal
        swc cloud api
        SWC Cloud Public API
        swc personalization api
        UOV Report API
        UpdateProvisionStatus API - POE PE
        WPR API
        WPR API - POE
        Zoom Chat API
        James M
        Software Engineer
        Security
        
        
        
        On 10/3/19, 3:18 PM, "Dario XXne (dXX)" <dXX@cisco.com> wrote:
            Scott, requesting access to the PSIRT openVuln API is not available while logging-in using a guest/no contract account anymore.
            I've followed up with our two regular contacts to understand the changes.
            Thanks,
            Dario
            On 10/3/19, 6:05 PM, "Scott xxr (scxx)" <scxx@cisco.com> wrote:
                James;
                  You should only need a CCO account to gain access to the API console. You should be able to create a CCO account here:
                https://idreg.cloudapps.cisco.com/idreg/guestRegistration.do
                Thanks,
                 Scott
 
 
 
 On Oct 3, 2019, at 17:58, James M <james@email.com.com> wrote:
 Scott,
 I've reviewed them all, attempted to make it, called 4 people and been redirected each time. I was hoping that the PSIRT team would be able to tell me the requirements for accessing the PSIRT OpenVuln API.
 Do you know the requirements to gain access and who I should talk to within Cisco get those?
 Thanks,
 James M
 Software Engineer
 Security
 
 
 
 On 10/3/19, 2:50 PM, "Scott xxr (scxx)" <scxx@cisco.com> wrote:
     James;
       Have you reviewed out DevNet resources?
     https://developer.cisco.com/docs/psirt/#!overview/overview
       I believe you can get an account there, and make use of the API. If there is a cost/contract involved, you would need to speak to a Cisco account team to work through that requirement. Your customer’s team should be able to assist.
     Thanks,
      Scott



On Oct 3, 2019, at 17:39, James M <james@email.com.com> wrote:
Hi PSIRT,
My long road of trying to access the PSIRT OpenVuln API has led me to you guys. My main questions are below but there is more info in the thread if you should need it.
  1.  How do I get access to the PSIRT OpenVuln API?
  2.  Assuming it’s a Partner Service Contract, how do I get one of those and how much does it cost?
Any advice or info is appreciated.
James M
Software Engineer
Security



On 10/3/19, 2:36 PM, "Cisco Technical Support" <tac@cisco.com> wrote:
Hi James,
Good day!
Kindly reach out to the PSIRT team as this is out of our scope.
Contact PSIRT: <psirt@cisco.com>
https://developer.cisco.com/site/support/
https://developer.cisco.com/site/contactus/
Thank you for understanding
Kind Regards,
Elieza 
Global Customer Experience Centers


--------------- Original Message ---------------
From: James M [james@email.com.com]
Sent: 10/4/2019 4:56 AM
To: tac@cisco.com
Subject: Re: Vulnerability Monitoring
Hi Gerardo,
Not sure we're on the same page - my primary goal is to access the PSIRT OpenVuln API<https://developer.cisco.com/psirt/>.  I am open to other suggestions that you guys may have for the situation I detailed below.
  1.  How do I get access to the PSIRT OpenVuln API?
  2.  Assuming it’s a Partner Service Contract, how do I get one of those and how much does it cost?
If you think this is something that requires an engineer, by all means, lets go that route.
Any help appreciated .
Thanks for the help,
James M
Software Engineer
Security
?On 10/3/19, 1:20 PM, "Cisco Technical Support" <tac@cisco.com> wrote:
Dear James,
Thank you for contacting Cisco.
Please be informed, that we are Customer Interaction Network team - we don't have technical background and are unable to answer your question. However, we could open a case based on key information and direct you to an engineer. Technical engineer will help you out then.
Kindly provide me the Cisco user id, the URL for vulnerabilities and Serial number.
Looking forward to your reply,
Regards,
Gerardo III
Global Customer Experience Centers
Is your Company set up for Smart Accounts, and Smart Licensing?  Watch this 2 minute video at https://www.youtube.com/watch?v=52lAQaOFX5Q and discover why a Smart Account is important for your business.




--------------- Original Message ---------------
From: James M [james@email.com.com]
Sent: 10/4/2019 3:24 AM
To: tac@cisco.com
Subject: Vulnerability Monitoring
Hello,
I’m working with a client who has a large number of Cisco switches, routers etc. that are all over the world with intermittent or no connectivity to the global internet. We are looking to set up a system that notifies us of vulnerabilities within these products regularly.
I just spoke to someone on the phone who recommended I shoot you guys an email.
My initial thought is that I would like to access the PSIRT OpenVuln API and set up the queries against an inventory of software/hardware that we maintain, but I am open to other ideas as well.
Please let me know your recommendations on how this might best be done and feel free to give me a call.
Appreciate the help,
James M
Software Engineer
Security
1 person had this problem
1 Reply 1

Seb Rupik
VIP Alumni
VIP Alumni

‎10-04-2019 12:53 AM

"...become a Cisco partner"  ??! Seems like an insane requirement to gain access to an API which was free for all to use for quite some time!

0 Helpful
Customers Also Viewed These Support Documents