RESTful API Access
The RISC Networks RESTful API service provides access to data collected and generated through a RISC Networks engagement. Due to the different format and use cases, the data made available through the API may be grouped differently when compared to the RISC Networks SaaS platform. Access to the API requires the use of an API key. The API key may be requested from the Subscription Administration page by the subscription administrator on the RISC Networks portal. If a code has already been requested, it will be displayed on that page. If you are not the administrator but have the subscription code, you may enter the code on that page to get a list of the administrator(s).
This is a startup guide. The available end points are documented in the Swagger-based documentation at https://api.riscnetworks.com/docs.html.
The majority of API methods require the use of a temporary authentication token for authentication. The token is retrieved through the /1_0/getAuthToken end point. Authentication to get the token requires the user id (email address), an assessment code, and an authentication string which incorporates the user’s password and the API key. The assessment code can be retrieved via the /1_0/getAssessments end point which authenticates with just the user id and authentication string. The following steps are required to build the authentication string:
1. Generate an MD5 hash of the user’s password
2. Convert all letters in the string to uppercase
3. Prepend the API key to the hash resulting from step 2
4. Generate an MD5 hash of the string resulting from step 3
The token returned is tied to the user and assessment. It is valid for up to 8 hours, but will expire after 15 minutes of inactivity.
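The four steps and the token lifetime rules above, as an added Python example that is not RISC Networks' own client code. It assumes UTF-8 encoding and a lowercase hex final digest (the page specifies neither), and the names `build_auth_string` and `TokenLifetime` are hypothetical; no request is sent, because the request parameter names are in the Swagger documentation rather than on this page.

```python
import hashlib
import time


def md5_hex(text: str) -> str:
    # Assumption: strings are UTF-8 encoded before hashing (the page does not say).
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def build_auth_string(password: str, api_key: str) -> str:
    """Follow the four steps from the guide, in order."""
    password_hash = md5_hex(password)    # step 1: MD5 of the password
    upper_hash = password_hash.upper()   # step 2: uppercase the hex letters
    keyed = api_key + upper_hash         # step 3: prepend the API key
    # Step 4. Assumption: the final digest is sent as lowercase hex,
    # which is what hexdigest() returns.
    return md5_hex(keyed)


class TokenLifetime:
    """Client-side view of the two expiry rules stated in the guide."""
    MAX_AGE = 8 * 60 * 60    # valid for up to 8 hours
    IDLE_LIMIT = 15 * 60     # expires after 15 minutes of inactivity

    def __init__(self, issued_at=None, margin=30):
        self.issued_at = time.time() if issued_at is None else issued_at
        self.last_used = self.issued_at
        self.margin = margin  # safety margin (seconds) for clock skew and latency

    def is_usable(self, now=None) -> bool:
        """False means: request a fresh token before the next API call."""
        now = time.time() if now is None else now
        age = now - self.issued_at
        idle = now - self.last_used
        return (age < self.MAX_AGE - self.margin
                and idle < self.IDLE_LIMIT - self.margin)

    def touch(self, now=None) -> None:
        """Record a successful API call; activity resets only the idle timer."""
        self.last_used = time.time() if now is None else now


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    print(build_auth_string("example-password", "EXAMPLE-API-KEY"))
    token = TokenLifetime(issued_at=0, margin=0)
    token.touch(now=600)
    print(token.is_usable(now=1400), token.is_usable(now=1500))
```

Because the authentication string depends only on the password and the API key, it is the same on every request and works as a credential in its own right, so store and log it with the same care as the password.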
You can find a sample client written in Perl here. This example goes through the process of authenticating the user, listing entitled engagements, pulling assets, and pulling stack summary data.