Skip to main content

Get Risk Details

Retrieve details about a potential security risk.

External Documentation

To learn more, visit the Entro documentation.

Parameters

ParameterDescription
Risk GUIDRisk's global unique identifier. Can be obtained using the List Risks action.For example: RSK-1234.

Example Output

{
"guid": "RSK-1273",
"severity": "MEDIUM",
"owner": "adam.cheriki@acme.com",
"detectionTime": "1688302174",
"type": "EXPOSURE",
"rule": "EXPOSED_GITHUB",
"status": "OPEN",
"summary": "A secret of type Certificate is exposed inside 1 commit of the file 'exposure.cert' in the private GitHub repository called 'acme/test'.",
"threatDescription": "Storing secrets in a GitHub repository poses a serious security risk because it's often shared with multiple team members, or in some cases, publicly, which increases the risk of the sensitive information being leaked or misused.",
"payload": {
"tokenStatus": "ENABLED",
"tokenType": "CERTIFICATE",
"tokenSnippet": "----- BEGIN CERT...",
"organization": "acme",
"repository": "test",
"visibility": "PUBLIC",
"filename": "exposure.cert",
"commitAuthor": "adam.cheriki",
"commitUrl": "https://github.com/acme/test/commit/34567d343755bd123f82051681e206da99b400bb",
"commitDate": "2022-12-01T16:12:42Z"
},
"account": {
"environmentType": "PRODUCTION",
"environment": "Acme",
"accountId": "infosecmachine",
"accountType": "GITHUB"
}
}

Workflow Library Example

Get Risk Details with Entro and Send Results Via Email

Workflow LibraryPreview this Workflow on desktop