Firmware Security

Use the v1/firmware/security API to analyze your custom firmware for CVE vulnerabilities and get security reports.

Info

To use this API, you need a subscription to the Digi ConnectCore Security Services. See more details and the available plans on the ConnectCore Security Services page.

URI

https://<hostname>/ws/v1/firmware/security

Formats

HTTP method Format Description Parameters Body
POST /ws/v1/firmware/security/inventory/{vendor_id}/{device_type}/{firmware_version} Creates an SBOM for the given firmware version scan_frequency production SBOM manifest package binary file as ‘application/octet-stream’
GET /ws/v1/firmware/security/inventory Gets a list of all firmware SBOMs size query cursor orderby
GET /ws/v1/firmware/security/inventory/{vendor_id}/{device_type}/{firmware_version} Gets the SBOM for the given firmware version
PUT /ws/v1/firmware/security/inventory/{vendor_id}/{device_type}/{firmware_version} Updates the SBOM for the given firmware version JSON with one or multiple of: ‘scan_frequency’, ‘production’
DELETE /ws/v1/firmware/security/inventory/{vendor_id}/{device_type}/{firmware_version} Deletes the SBOM for the given firmware version
POST /ws/v1/firmware/security/scans/inventory/{vendor_id}/{device_type}/{firmware_version} Scans the given firmware version for vulnerabilities
GET /ws/v1/firmware/security/scans/inventory/{vendor_id}/{device_type}/{firmware_version} Gets a list of all scans for the given firmware version size query cursor orderby
GET /ws/v1/firmware/security/report/{vendor_id}/{device_type}/{firmware_version}/{latest | scan_id} Gets the latest (or specific) security report for the given firmware version format
GET /ws/v1/firmware/security/subscription Gets the current subscription details and remaining scans

Path Parameters

These parameters are required in the URL path of some API calls.

Name Type Description
vendor_id string The vendor ID of the firmware in hex. For example, ConnectCore devices usually have a vendor ID of FE080003.
device_type string The device type of the firmware. Requires encoding special characters (link blanks) correctly.
firmware_version string The version of the firmware in dotted format (XX.XX.XX.XX)
latest | scan_id string Use latest to get the latest report, or provide a specific scan ID to get that report.

Parameters

Name Type Description
size integer Number of items to return. The maximum and default is 1000.
query string The Remote Manager query language query condition used to filter results. See v1 API Query Language.
cursor string Cursor to get the next page of devices. Omit on initial call.
orderby string Specify any field described in the query parameter syntax. Optionally add asc or desc to control the sort order. For example, to order with most recently created jobs first, specify orderby=id desc. Note The default sort order is desc (descending).
scan_frequency string How often to scan the firmware for vulnerabilities. One of: weekly, monthly, quarterly or manual. Default is manual.
production boolean Whether this firmware is used in production. If true, the SBOM cannot be overwritten. Default is false.
format string The format of the security report. So far, only pdf is available. If not specified, the report is returned in JSON format.