Firmware Security
Use the v1/firmware/security API to analyze your custom firmware for CVE vulnerabilities and get security reports.
Info
To use this API, you need a subscription to the Digi ConnectCore Security Services. See more details and the available plans on the ConnectCore Security Services page.
URI
https://<hostname>/ws/v1/firmware/security
Formats
| HTTP method | Format | Description | Parameters | Body |
|---|---|---|---|---|
| POST | /ws/v1/firmware/security/inventory/{vendor_id}/{device_type}/{firmware_version} | Creates an SBOM for the given firmware version | scan_frequency production | SBOM manifest package binary file as ‘application/octet-stream’ |
| GET | /ws/v1/firmware/security/inventory | Gets a list of all firmware SBOMs | size query cursor orderby | |
| GET | /ws/v1/firmware/security/inventory/{vendor_id}/{device_type}/{firmware_version} | Gets the SBOM for the given firmware version | ||
| PUT | /ws/v1/firmware/security/inventory/{vendor_id}/{device_type}/{firmware_version} | Updates the SBOM for the given firmware version | JSON with one or multiple of: ‘scan_frequency’, ‘production’ | |
| DELETE | /ws/v1/firmware/security/inventory/{vendor_id}/{device_type}/{firmware_version} | Deletes the SBOM for the given firmware version | ||
| POST | /ws/v1/firmware/security/scans/inventory/{vendor_id}/{device_type}/{firmware_version} | Scans the given firmware version for vulnerabilities | ||
| GET | /ws/v1/firmware/security/scans/inventory/{vendor_id}/{device_type}/{firmware_version} | Gets a list of all scans for the given firmware version | size query cursor orderby | |
| GET | /ws/v1/firmware/security/report/{vendor_id}/{device_type}/{firmware_version}/{latest | scan_id} | Gets the latest (or specific) security report for the given firmware version | format | |
| GET | /ws/v1/firmware/security/subscription | Gets the current subscription details and remaining scans |
Path Parameters
These parameters are required in the URL path of some API calls.
| Name | Type | Description |
|---|---|---|
| vendor_id | string | The vendor ID of the firmware in hex. For example, ConnectCore devices usually have a vendor ID of FE080003. |
| device_type | string | The device type of the firmware. Requires encoding special characters (link blanks) correctly. |
| firmware_version | string | The version of the firmware in dotted format (XX.XX.XX.XX) |
| latest | scan_id | string | Use latest to get the latest report, or provide a specific scan ID to get that report. |
Parameters
| Name | Type | Description |
|---|---|---|
| size | integer | Number of items to return. The maximum and default is 1000. |
| query | string | The Remote Manager query language query condition used to filter results. See v1 API Query Language. |
| cursor | string | Cursor to get the next page of devices. Omit on initial call. |
| orderby | string | Specify any field described in the query parameter syntax. Optionally add asc or desc to control the sort order. For example, to order with most recently created jobs first, specify orderby=id desc. Note The default sort order is desc (descending). |
| scan_frequency | string | How often to scan the firmware for vulnerabilities. One of: weekly, monthly, quarterly or manual. Default is manual. |
| production | boolean | Whether this firmware is used in production. If true, the SBOM cannot be overwritten. Default is false. |
| format | string | The format of the security report. So far, only pdf is available. If not specified, the report is returned in JSON format. |