Leen.dev Unified API for Security

API Reference

Support

List all the vulnerabilities for a given connection.

List Vulnerabilities

Account Id

Availability Zone

Image Id

Instance Id

Instance Type

Kernel Id

Region

Subnet Id

Vpc Id

AWSMetadata

CloudProvider

Device Id

Domain

Org Unit

Site Name

DeviceADInfo

Agent Version

Policies

Signature Version

DeviceAgentInfo

Created By

Description

Name

Vendor

Vendor Created At

Vendor specific pass through data, values can vary based on vendor

Vendor Data

Vendor Id

DeviceGroupsBase

User Sid

Username

DeviceIdentity

DevicePlatform

CloudMetadata, currently only AWS is supported

First Seen

Fqdns

Hostnames

Identities

Installed Software

Ipv4S

Ipv6S

Last Seen

Mac Addresses

Os Major Version

Os Minor Version

Os Version

Source Vendors

Device

DeviceStatus

DeviceTagSource

Value

DeviceTags

DeviceVendor

Pass in the includeDeviceGroups query parameter to include device group information.

Device Groups

DeviceWithGroups

VulnerabilityCategory

Corresponds to an identifier in the vulnerability database provided by the US Computer Emergency Readiness Team (US-CERT)

Cert Id

List of CVEs associated with the vulnerability

Cvss Base Score

Cvss Temporal Score

Cvss Temporal Vector

CVSS vector uses cvss3 when available, provided by the upstream vendor

Cvss Vector

Cvss Version

Description of vulnerability, provided by the upstream vendor

Device attached to the vulnerability, include device groups with includeDeviceGroups query parameter

Name of vulnerability, provided by the upstream vendor

Patchable

Port number of the vulnerability that was detected

Port

Protocol of the vulnerability that was detected, example: tcp

Protocol

Scan output that was provided when detected on the device

Scan Output

Service of the vulnerability that was detected, example: http

Service

Solution for the vulnerability, provided by upstream vendor

Solution

State Updated At

Vendor's ID of the scan that detected the 

Vendor Scan Id

Vendor Severity

Vulnerability

VulnerabilitySeverity

VulnerabilityState

VulnerabilityVendor

Connection ID & API Key

PaginatedResponse[VulnerabilityRespModel]

ErrorResponse

Introduction

Quick Start

Information about the VMS integrations available in Leen. Find out which fields are supported by each integration and how to configure them.

VMS Integrations

Information about the AppSec integrations available in Leen. Find out which fields are supported by each integration and how to configure them.

AppSec Integrations

Information about the EDR integrations available in Leen. Find out which fields are supported by each integration and how to configure them.

EDR Integrations

Information about the CSPM integrations available in Leen. Find out which fields are supported by each integration and how to configure them.

CSPM Integrations

Authentication

Due to a limitation in our docs it has become confusing to figure out how to create a new connection. This guide will help you through the process.

Creating a new connection

Supported AppSec connectors for the AppSec endpoints

AppSec Connectors

List all the issues for a given connection. sort - supports `severity:asc` (eg. lowest to highest criticality) and `severity:desc` if not direction is provided it will default to `asc`

List Issues

Retrieve an issue by its ID (Leen's UUID).

Get Issue by ID

Supported EDR connectors for the EDR endpoints

EDR Connectors

List all the EDR alerts for a given connection.

List Alerts

Retrieve an EDR alert by its ID (Leen's UUID).

Get Alert by ID

List all the device policies for a given connection.

List Policies

Supported VMS connectors for the VMS endpoints

VMS Connectors

Retrieve a vulnerability by its ID (Leen's UUID)

Get Vulnerability by ID

List VMS Scan Configurations

Get VMS Scan Configuration by ID

Supported CSPM connectors for the CSPM endpoints

CSPM Connectors

List Compliance Findings

Supported Device connectors for the Device endpoints and model properties

Device Connectors

List all the devices for a given connection.

List Devices

Retrieve a device by its ID (Leen's UUID).

Get Device by ID

List all the device groups for a given connection.

List Device Groups

Supported Configuration connectors for the Configuration endpoints

Configuration Connectors

List all users who have access to the connection source (e.g. Tenable, Qualys, etc.)

List Configuration Users

Return a User who has access to a connection source by ID (Leen's UUID).

Get Configuration User by ID

Create an organization for a given Account.

Create Organization

List all the organizations for a given Account.

List Organizations

Return an organization by its ID (Leen's UUID).

Get Organization by ID

Create a connection for a given Organization.

Create Connection

List all the connections for a given Organization.

List Connections

Retrieve a connection by its ID (Leen's UUID).

Get Connection by ID

List all the jobs for a given Connection.

List Jobs by Connection ID

Test the connection credentials for a given Connection.

Test Connection Credentials by Connection ID

Delete a connection by its ID and Organization ID (Leen's UUID).

Delete Connection

Update Connection

Create a one-time use connection invite token for an Organization.

Create Connection Invite Token

List all the created connection invite tokens for a given Organization.

List Connection Invite Tokens

OnRamp is Leen's embeddable onboarding component that allows your users to easily create new connections or update existing connections. As an embeddable component, OnRamp is designed to be integrated directly into your application workflow.

API Documentation

AppSec

EDR

VMS

CSPM

Entities

Configuration

Provisioning

OnRamp

Enrichments

List Vulnerabilities

Authorizations

Query Parameters

Response