Re: Requirements for Using PSIRT OpenVulnAPI

JamesMitchell58067 · ‎09-27-2019

My company and I are trying to use the PSIRT OpenVuln API to monitor for vulnerabilities but we are not seeing it when I go to create a new API in the API console, I don't see the PSIRT OpenVuln API available for selection (snippet below). How do I get access to it? Do I not have the proper account type? Any information appreciated.

Seb Rupik · ‎10-02-2019

Hi there,

The PSIRT API is only available to cisco users with Partner Service Contracts. You could contact TAC and see if you could be granted access.

Not sure why cisco feel the need to restrict access to the service.

Someone should write a python requests script to scrape the cisco security advisories page and offer a free REST API service based on the collated data. Volunteers?? ;)

cheers,

Seb.

JamesMitchell58067 · ‎10-03-2019

Awesome, thanks for the answer. Do you know how much it would cost to get one of these contracts?

Seb Rupik · ‎10-04-2019

To be honest, I'd never heard of them until a colleague phoned TAC asking for access to the PSIRT API. If you have a cisco account manager try asking them.

I've taken a look what would be involved in write a python REST API and then wget'ing the files from https://tools.cisco.com/security/center/cvrfListing.x , parsing and saving the data structures into a database.

...looks fairly straight forward, I'll post an update on this forum if I get it working.

cheers,

Seb.