Skip to main content
List and query all findings in a given organization.
External DocumentationTo learn more, visit the Cobalt documentation.

Basic Parameters

ParameterDescription
Asset IDReturns findings scoped to the asset id. Can be obtained by the List Assets action.
Organization IDThe ID of the organization the assets belong to. Can be obtained by the List Organizations action.
Pentest IDReturns findings scoped to this pentest id. Can be obtained by the List Pentests action.

Advanced Parameters

ParameterDescription
Created afterReturns findings that were created after the given date.
Created beforeReturns findings that were created before the given date.
CursorSpecifies the pagination cursor for the next page.
Image Attachment TypeReturns image attachments with the specified render format.
LabelReturns findings with specified labels. Multiple labels can be passed in a comma separated list.
LimitNumber of results per page, valid range is 1-100.
SeverityReturns findings at the chosen severity.
SortReturns findings sorted by chosen property.
StateReturns findings at the chosen state.
Updated afterReturns findings that were updated after the given date.
Updated beforeReturns findings that were updated before the given date.

Example Output

{
	"data": [
		{
			"resource": {
				"id": "vl_3sP2RCWWUajc3oRXmbQ4j9",
				"tag": "#PT3334_37",
				"title": "XSS vulnerability",
				"description": "Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts...",
				"type_category": "Cross-Site Scripting (XSS)",
				"labels": [
					{
						"name": "Your label"
					}
				],
				"impact": 5,
				"likelihood": 4,
				"severity": "high",
				"affected_targets": [
					"https://example.com",
					"192.168.1.1"
				],
				"proof_of_concept": "Here you can see...",
				"severity_justification": "The vulnerability can cause a lot of damage",
				"suggested_fix": "Ensure this...",
				"prerequisites": "Credentials are needed",
				"pentest_id": "pt_PEtv4dqnwGV2efZhLw3BM5",
				"http_request": "HTTP GET / ...",
				"asset_id": "as_HcChCMueiPQQgvckmZtRSd",
				"log": [
					{
						"action": "created",
						"timestamp": "2021-04-01T15:13:24.322Z"
					},
					{
						"action": "likelihood_changed",
						"value": 4,
						"timestamp": "2021-04-01T15:14:05.856Z"
					},
					{
						"action": "impact_changed",
						"value": 5,
						"timestamp": "2021-04-01T15:14:05.856Z"
					},
					{
						"action": "state_changed",
						"value": "need_fix",
						"timestamp": "2021-04-01T15:14:06.757Z"
					},
					{
						"action": "state_changed",
						"value": "check_fix",
						"timestamp": "2021-04-01T15:14:57.845Z"
					}
				],
				"state": "check_fix",
				"created_at": "2022-09-26T18:35:18.759Z",
				"updated_at": "2022-09-26T18:36:57.462Z",
				"attachments": [
					{
						"id": "at_LA5GcEL4HRitFGCHREqmzL",
						"file_name": "rainbow.jpeg",
						"download_url": "https://s3.amazonaws.com/acmecorp/uploads/attachment/file/12345/rainbow.jpeg?something=1"
					}
				]
			},
			"links": {
				"ui": {
					"url": "https://api.us.cobalt.io/links/eyJ0eXBlIjoic29tZXRoaW5nIiwib3JnU2x1ZyI6ImNvYmFsdCIsInBlbnRlc3RUYWciOiJz="
				}
			}
		}
	],
	"pagination": {
		"next_page": "/findings?cursor=a1b2c3d4",
		"prev_page": "/findings?cursor=4d3c2b1a"
	}
}

Workflow Library Example

List Findings with Cobalt and Send Results Via Email
Workflow LibraryPreview this Workflow on desktop
I