Webhooks (beta)

Beta

Webhooks are currently in beta. This means that Data Theorem may make breaking changes to the webhook API, and the events shown here may not look exactly like the final version.

Configuration

See our Webhook Integration guide for instructions on how to enable webhooks.

Webhook Schema

The JSON Schema for the webhook events included below is available at https://docs.securetheorem.com/schema/webhook_schema.json

Example Data Theorem IAM Events

User Created

{
"host": "securetheorem.com",
"event": {
"data": {
"last_name": "one",
"user_login_email": "someone@somewhere.com",
"can_access_app_search": true,
"can_access_app_secure": true,
"allowed_app_ids": [],
"notification_email": "someone@datatheorem.io",
"can_access_brand_protect": true,
"first_name": "some",
"can_access_api_inspect": true,
"created_by": "someone@datatheorem.io",
"can_download_reports": true,
"role": "MANAGER",
"can_invite_users": true,
"auth_strategy": "OTP"
},
"version": 1,
"type": "MOBILE_SECURE__USER_CREATED"
},
"time": 123456789
}

User Deleted

{
"host": "securetheorem.com",
"event": {
"data": {
"user_login_email": "someone@somewhere.com",
"deleted_by": "someone@datatheorem.io"
},
"version": 1,
"type": "MOBILE_SECURE__USER_DELETED"
},
"time": 123456789
}

User Login Failed

{
"host": "securetheorem.com",
"event": {
"data": {
"user_login_email": "someone@example.com",
"auth_strategy": "OTP",
"ip_address": "127.0.0.1",
"auth_failed_reason": "INVALID_PASSWORD"
},
"version": 1,
"type": "MOBILE_SECURE__USER_LOGIN_FAILED"
},
"time": 123456789
}

User Login Successful

{
"host": "securetheorem.com",
"event": {
"data": {
"user_login_email": "someone@example.com",
"ip_address": "127.0.0.1",
"auth_strategy": "OTP"
},
"version": 1,
"type": "MOBILE_SECURE__USER_LOGIN_SUCCESSFUL"
},
"time": 123456789
}

User Updated

{
"host": "securetheorem.com",
"event": {
"data": {
"login_email_updated": {
"new": "somebody@somewhere.com",
"old": "someone@somewhere.com"
},
"updated_by": "someone@datatheorem.io",
"user_login_email": "someone@example.com",
"auth_strategy_updated": {
"new": "SAML",
"old": "OTP"
},
"role_updated": {
"new": "MANAGER",
"old": "DEVELOPER"
},
"otp_reset": false
},
"version": 1,
"type": "MOBILE_SECURE__USER_UPDATED"
},
"time": 123456789
}

API Key Created

{
"host": "securetheorem.com",
"event": {
"data": {
"has_access_to_brand_protect_public_api": true,
"has_access_to_api_inspect_public_api": false,
"has_access_to_management_api": false,
"name": "example api key",
"has_access_to_cloud_secure_scans_api": true,
"has_access_to_results_api": true,
"owned_by": "someone@example.com",
"id": 2,
"has_access_to_api_secure_scans_api": true,
"has_access_to_web_secure_scans_api": false
},
"version": 1,
"type": "MOBILE_SECURE__CUSTOMER_API_KEY_CREATED"
},
"time": 123456789
}

API Key Deleted

{
"host": "securetheorem.com",
"event": {
"data": {
"owned_by": "someone@example.com",
"id": 123456,
"name": "test"
},
"version": 1,
"type": "MOBILE_SECURE__CUSTOMER_API_KEY_DELETED"
},
"time": 123456789
}

Example API Secure Events

Policy Violation Created

{
"event": {
"type": "API_SECURE__POLICY_VIOLATION_CREATED",
"data": {
"uuid": "3acfe377-9655-49bd-a625-88d9b5bfe275",
"affected_asset": {
"uuid": "64c61ca0-e764-487f-969b-f96b96892ff4",
"name": "test-unencrypted",
"portal_url": "https://www.securetheorem.com/api/cloud-resources/64c61ca0-e764-487f-969b-f96b96892ff4",
"date_created": "2021-02-08T09:26:56.949870+00:00",
"discovered_via": "AMAZON_WEB_SERVICES",
"url": null,
"hosted_on": "AMAZON_WEB_SERVICES",
"type": "CLOUD_RESOURCE",
"belongs_to_asset_group": {
"name": "CA Business Unit",
"uuid": "8cc7e379-1c9a-47df-aad1-a129afba337a"
},
"cloud_console_url": "https://console.aws.amazon.com/dynamodb/home?region=us-east-1#cache-cluster:selected=test-unencrypted"
},
"policy_violation_status": "OPEN",
"date_created": "2021-02-08T09:26:57.216670+00:00",
"relevance": "PROACTIVE",
"description": "The AWS DynamoDB DAX cluster has encryption at rest disabled, which can result in data leak in the case of unauthorized\naccess.",
"recommendation": "It is impossible to enable encryption after a cluster has been created.\nThe cluster must be re-created to enable encryption at rest.\n\nLook at the relevant AWS documentation:\n\n - [DAX Encryption at Rest](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAXEncryptionAtRest.html)\n - [Deleting a DAX Cluster](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.cluster-management.html#DAX.cluster-management.deleting)\n - [Creating a DAX Cluster](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.create-cluster.html)",
"additional_information": null,
"portal_url": "https://www.securetheorem.com/api/inspect/policy-violations/3acfe377-9655-49bd-a625-88d9b5bfe275",
"policy_name": "Data Theorem",
"policy_uuid": "17e0e14d-e6f1-4b35-a5c0-976dbbf41436",
"policy_portal_url": "https://www.securetheorem.com/api/policy/17e0e14d-e6f1-4b35-a5c0-976dbbf41436",
"violated_policy_rule_uuid": "3ddb30d9-9d4e-452f-a720-318e4b73edd0",
"violated_policy_rule_type_uuid": "0036907f-40e0-58cf-9a92-be93d06e3c29",
"exception_explanation": null,
"exception_date_created": null
},
"version": 1
},
"time": 1612776417,
"host": "securetheorem.com"
}

Policy Violation Exception Added

{
"event": {
"type": "API_SECURE__POLICY_VIOLATION_EXCEPTION_ADDED",
"data": {
"uuid": "bd1f785b-0d92-4b0d-9f24-60c8209b33e1",
"affected_asset": {
"uuid": "d38bcb77-c75a-4935-837f-de42849cea92",
"name": "tstream",
"portal_url": "https://www.securetheorem.com/cloud/cloud-resources/d38bcb77-c75a-4935-837f-de42849cea92",
"date_created": "2020-04-07T12:20:15.946189+00:00",
"discovered_via": "AMAZON_WEB_SERVICES",
"type": "CLOUD_RESOURCE",
"url": null,
"hosted_on": "AMAZON_WEB_SERVICES",
"belongs_to_asset_group": {
"name": "CA Business Unit",
"uuid": "8cc7e379-1c9a-47df-aad1-a129afba337a"
},
"cloud_console_url": "https://console.aws.amazon.com/kinesis/home?region=us-east-1#/streams/details?streamName=tstream&tab=details"
},
"policy_violation_status": "WONT_FIX",
"date_created": "2020-10-23T23:51:42.008493+00:00",
"date_resolved": null,
"relevance": "PROACTIVE",
"description": "The AWS Kinesis Stream is configured with server-side encryption disabled, which can result in data leakage in the case\nof unauthorized access.",
"recommendation": "In the navigation panel, under Amazon Kinesis, choose Streams and select the Kinesis stream id.\nOn the details panel, go to Server-side encryption click on edit and add an encryption key.",
"additional_information": null,
"portal_url": "https://www.securetheorem.com/api/inspect/policy-violations/bd1f785b-0d92-4b0d-9f24-60c8209b33e1",
"policy_name": "Data Theorem",
"policy_uuid": "17e0e14d-e6f1-4b35-a5c0-976dbbf41436",
"policy_portal_url": "https://www.securetheorem.com/api/policy/17e0e14d-e6f1-4b35-a5c0-976dbbf41436",
"violated_policy_rule_uuid": "f6c1caf4-06b7-42ef-8f76-aa12cde8f897",
"violated_policy_rule_type_uuid": "9eb4bdb9-64aa-5ae1-8c55-03d198f92fee",
"exception_explanation": "Risk is low.",
"exception_date_created": "2021-02-16T16:48:56.236744+00:00"
},
"version": 1
},
"time": 1613494138,
"host": "securetheorem.com"
}

Policy Violation Exception Removed

{
"event": {
"type": "API_SECURE__POLICY_VIOLATION_EXCEPTION_REMOVED",
"data": {
"uuid": "bd1f785b-0d92-4b0d-9f24-60c8209b33e1",
"affected_asset": {
"uuid": "d38bcb77-c75a-4935-837f-de42849cea92",
"name": "tstream",
"portal_url": "https://www.securetheorem.com/cloud/cloud-resources/d38bcb77-c75a-4935-837f-de42849cea92",
"date_created": "2020-04-07T12:20:15.946189+00:00",
"discovered_via": "AMAZON_WEB_SERVICES",
"type": "CLOUD_RESOURCE",
"url": null,
"hosted_on": "AMAZON_WEB_SERVICES",
"belongs_to_asset_group": {
"name": "CA Business Unit",
"uuid": "8cc7e379-1c9a-47df-aad1-a129afba337a"
},
"cloud_console_url": "https://console.aws.amazon.com/kinesis/home?region=us-east-1#/streams/details?streamName=tstream&tab=details"
},
"policy_violation_status": "OPEN",
"date_created": "2020-10-23T23:51:42.008493+00:00",
"date_resolved": null,
"relevance": "PROACTIVE",
"description": "The AWS Kinesis Stream is configured with server-side encryption disabled, which can result in data leakage in the case\nof unauthorized access.",
"recommendation": "In the navigation panel, under Amazon Kinesis, choose Streams and select the Kinesis stream id.\nOn the details panel, go to Server-side encryption click on edit and add an encryption key.",
"additional_information": null,
"portal_url": "https://www.securetheorem.com/api/inspect/policy-violations/bd1f785b-0d92-4b0d-9f24-60c8209b33e1",
"policy_name": "Data Theorem",
"policy_uuid": "17e0e14d-e6f1-4b35-a5c0-976dbbf41436",
"policy_portal_url": "https://www.securetheorem.com/api/policy/17e0e14d-e6f1-4b35-a5c0-976dbbf41436",
"violated_policy_rule_uuid": "f6c1caf4-06b7-42ef-8f76-aa12cde8f897",
"violated_policy_rule_type_uuid": "9eb4bdb9-64aa-5ae1-8c55-03d198f92fee",
"exception_explanation": null,
"exception_date_removed": "2021-02-16T16:48:56.236744+00:00"
},
"version": 1
},
"time": 1613494138,
"host": "securetheorem.com"
}

Policy Violation Resolved

{
"event": {
"type": "API_SECURE__POLICY_VIOLATION_RESOLVED",
"data": {
"uuid": "924f1fb0-ebaa-4dfd-9297-390c0df18b44",
"affected_asset": {
"uuid": "ed1d9485-5672-4db0-81aa-f8e5c96ba750",
"name": "gumtree.com.au",
"portal_url": "https://www.securetheorem.com/api/network-services/ed1d9485-5672-4db0-81aa-f8e5c96ba750",
"date_created": "2020-07-23T08:18:30.450602+00:00",
"discovered_via": "WEBSITE_CRAWLER",
"url": "https://gumtree.com.au",
"hosted_on": "UNKNOWN",
"type": "NETWORK_SERVICE",
"belongs_to_asset_group": null,
"cloud_console_url": null
},
"policy_violation_status": "RESOLVED",
"date_created": "2021-01-19T12:04:15.714371+00:00",
"relevance": "IMPORTANT",
"description": "The server leverages a certificate for SSL/TLS connections that will expire in less than the configured number of days.\\n\\nIf the SSL certificate is not renewed in time, clients including browsers and mobile applications will not allow\\nconnecting to the server, and will instead display an error to the end-user stating that the connection is not secure.",
"recommendation": "Deploy a new SSL/TLS certificate on the affected server.",
"additional_information": null,
"portal_url": "https://www.securetheorem.com/api/inspect/policy-violations/924f1fb0-ebaa-4dfd-9297-390c0df18b44",
"policy_name": "Data Theorem",
"policy_uuid": "17e0e14d-e6f1-4b35-a5c0-976dbbf41436",
"policy_portal_url": "https://www.securetheorem.com/api/policy/17e0e14d-e6f1-4b35-a5c0-976dbbf41436",
"violated_policy_rule_uuid": "471284cb-e96a-49e0-a729-674cfe18f506",
"violated_policy_rule_type_uuid": "5c3b1f37-8509-5c6e-abed-6ee9f3497c17",
"exception_explanation": null,
"exception_date_created": null
},
"version": 1
},
"time": 1611733052,
"host": "securetheorem.com"
}

Network Service Discovered

{
"event": {
"type": "API_SECURE__NETWORK_SERVICE_DISCOVERED",
"data": {
"uuid": "14286cc6-7f6f-4a3e-9484-e06977e7c923",
"status": "ONLINE",
"date_created": "2021-02-04T08:10:04.955520+00:00",
"domain_name_uuid": "358e0e04-f9e1-48f7-ae49-437eeabe2250",
"domain_name": "bibliothequehistorique-visitevirtuelle.paris.fr",
"port": 80,
"application_layer_protocol": "HTTP",
"is_tls_encrypted": false,
"url": "http://bibliothequehistorique-visitevirtuelle.paris.fr",
"discovered_via": "WEBSITE_CRAWLER",
"hosted_on": "UNKNOWN"
},
"version": 1
},
"time": 1612426206,
"host": "securetheorem.com"
}

API Key Updated

{
"host": "securetheorem.com",
"event": {
"data": {
"has_access_to_api_inspect_public_api_updated": {
"new": true,
"old": false
},
"has_access_to_cloud_secure_scans_api_updated": {
"new": false,
"old": true
},
"has_access_to_api_secure_scans_api_updated": {
"new": false,
"old": true
},
"name_updated": {
"new": "b",
"old": "a"
},
"has_access_to_results_api_updated": {
"new": false,
"old": true
},
"owned_by_updated": {
"new": "someone.else@example.com",
"old": "someone@example.com"
},
"has_access_to_web_secure_scans_api_updated": {
"new": true,
"old": false
},
"has_access_to_management_api_updated": {
"new": true,
"old": false
},
"has_access_to_brand_protect_public_api_updated": {
"new": false,
"old": true
},
"id": 2
},
"version": 1,
"type": "MOBILE_SECURE__CUSTOMER_API_KEY_UPDATED"
},
"time": 123456789
}

Example Mobile Secure Events

Application Added

{
"host": "securetheorem.com",
"event": {
"data": {
"upload_source": "DT_UPLOAD_API",
"mobile_app": {
"platform": "IOS",
"id": 3,
"release_type": "APP_STORE",
"bundle_id": "com.example.mobile.app"
},
"request_customer_approval": true
},
"version": 1,
"type": "MOBILE_SECURE__APPLICATION_ADDED"
},
"time": 123456789
}

When The Application Has Been Added With A Linked App Store App

{
"host": "securetheorem.com",
"event": {
"data": {
"upload_source": "DT_UPLOAD_API",
"app_store_mobile_app": {
"platform": "ANDROID",
"id": 3,
"release_type": "APP_STORE",
"bundle_id": "com.example.mobile.app"
},
"uploading_user_email": "someone@example.com",
"mobile_app": {
"platform": "IOS",
"id": 5,
"release_type": "PRE_PROD",
"bundle_id": "com.example.mobile.app.preprod"
},
"request_customer_approval": true
},
"version": 1,
"type": "MOBILE_SECURE__APPLICATION_ADDED"
},
"time": 123456789
}

Application Removed

{
"host": "securetheorem.com",
"event": {
"data": {
"mobile_app": {
"platform": "ANDROID",
"id": 3,
"release_type": "APP_STORE",
"bundle_id": "com.example.mobile.app"
}
},
"version": 1,
"type": "MOBILE_SECURE__APPLICATION_REMOVED"
},
"time": 123456789
}

Application Updated

{
"host": "securetheorem.com",
"event": {
"data": {
"app_store_mobile_app_updated": {
"new": {
"platform": "IOS",
"id": 3,
"release_type": "APP_STORE",
"bundle_id": "com.example.mobile.app"
},
"old": null
},
"subscription_updated": {
"new": "STATIC",
"old": "NO_SUBSCRIPTION"
},
"mobile_app": {
"platform": "IOS",
"id": 5,
"release_type": "APP_STORE",
"bundle_id": "com.example.mobile.app"
}
},
"version": 1,
"type": "MOBILE_SECURE__APPLICATION_UPDATED"
},
"time": 123456789
}

Security Finding Note Created

{
"host": "securetheorem.com",
"event": {
"data": {
"finding": {
"is_permanently_closed": false,
"associated_cwe_ids": [],
"links": [
{
"href": "mobile_apps/2",
"type": "GET",
"rel": "mobile_apps"
},
{
"href": "security_findings?mobile_app_id=2",
"type": "GET",
"rel": "self"
},
{
"href": "security_finding_targets?mobile_app_id=2",
"type": "GET",
"rel": "security_finding_targets"
}
],
"compliance_policy_references": [],
"severity": "LOW",
"mobile_app_id": 2,
"aggregated_status": "NEW",
"associated_cve_ids": [],
"recommendation": "Some recommendation from datatheorem",
"id": "006564",
"description": "Some description from datatheorem",
"category": "DATA_LOSS_TO_HACKERS",
"importance_tags": [
"SECURITY"
],
"issue_type_id": "709fe45d-391b-51c0-a8a0-40845871cb25",
"notes": [
{
"is_internal_comment": false,
"author_email": "someone@example.com",
"is_question_for_datatheorem": true,
"date_created": "2021-09-30T12:49:01.643532",
"is_reply_from_datatheorem": false,
"text": "Some question about this issue.",
"id": 4
}
],
"title": "Security Finding title",
"portal_url": "https://www.securetheorem.com/mobile/app/2/issues/006564",
"results_last_updated": "2021-09-30T12:49:01.612201",
"exploitability": "EASY"
},
"finding_note": {
"is_internal_comment": false,
"author_email": "someone@example.com",
"is_question_for_datatheorem": true,
"date_created": "2021-09-30T12:49:01.643532",
"is_reply_from_datatheorem": false,
"text": "Some question about this issue",
"id": 4
},
"mobile_app": {
"platform": "IOS",
"id": 2,
"release_type": "APP_STORE",
"bundle_id": "com.example.mobile.app"
}
},
"version": 1,
"type": "MOBILE_SECURE__CUSTOMER_SECURITY_FINDING_NOTE_CREATED"
},
"time": 123456789
}

Security Finding Note Deleted

{
"host": "securetheorem.com",
"event": {
"data": {
"finding": {
"is_permanently_closed": false,
"associated_cwe_ids": [],
"links": [
{
"href": "mobile_apps/2",
"type": "GET",
"rel": "mobile_apps"
},
{
"href": "security_findings?mobile_app_id=2",
"type": "GET",
"rel": "self"
},
{
"href": "security_finding_targets?mobile_app_id=2",
"type": "GET",
"rel": "security_finding_targets"
}
],
"compliance_policy_references": [],
"severity": "LOW",
"mobile_app_id": 2,
"aggregated_status": "NEW",
"associated_cve_ids": [],
"recommendation": "Some recommendation from datatheorem",
"id": "006564",
"description": "Some description from datatheorem",
"category": "DATA_LOSS_TO_HACKERS",
"importance_tags": [
"SECURITY"
],
"issue_type_id": "709fe45d-391b-51c0-a8a0-40845871cb25",
"notes": [
{
"is_internal_comment": false,
"author_email": "someone@example.com",
"is_question_for_datatheorem": true,
"date_created": "2021-09-30T12:49:01.643532",
"is_reply_from_datatheorem": false,
"text": "Some question about this issue.",
"id": 4
}
],
"title": "Security Finding title",
"portal_url": "https://www.securetheorem.com/mobile/app/2/issues/006564",
"results_last_updated": "2021-09-30T12:49:01.612201",
"exploitability": "EASY"
},
"finding_note": {
"is_internal_comment": false,
"author_email": "someone@example.com",
"is_question_for_datatheorem": true,
"date_created": "2021-09-30T12:49:01.643532",
"is_reply_from_datatheorem": false,
"text": "Some question about this issue",
"id": 4
},
"mobile_app": {
"platform": "IOS",
"id": 2,
"release_type": "APP_STORE",
"bundle_id": "com.example.mobile.app"
}
},
"version": 1,
"type": "MOBILE_SECURE__CUSTOMER_SECURITY_FINDING_NOTE_DELETED"
},
"time": 123456789
}

Security Finding Target Closed Because Compensating Controls Exist

{
"host": "securetheorem.com",
"event": {
"data": {
"finding": {
"is_permanently_closed": false,
"associated_cwe_ids": [],
"links": [
{
"href": "mobile_apps/2",
"type": "GET",
"rel": "mobile_apps"
},
{
"href": "security_findings?mobile_app_id=2",
"type": "GET",
"rel": "self"
},
{
"href": "security_finding_targets?mobile_app_id=2",
"type": "GET",
"rel": "security_finding_targets"
}
],
"compliance_policy_references": [],
"severity": "HIGH",
"mobile_app_id": 2,
"aggregated_status": "NEW",
"associated_cve_ids": [],
"recommendation": "Some recommendation from datatheorem",
"id": "004727",
"description": "Description of the issue",
"category": "DATA_IN_TRANSIT_EXPOSURE",
"importance_tags": [
"SECURITY"
],
"issue_type_id": "db11bae9-9a59-56b9-9732-7d3493a617f3",
"notes": [],
"title": "Title of the security finding",
"portal_url": "https://www.securetheorem.com/mobile/app/2/issues/004727",
"results_last_updated": "2021-09-30T12:49:05.140960",
"exploitability": "DIFFICULT"
},
"finding_target": {
"additional_contexts": [],
"security_finding_id": "004727",
"links": [
{
"href": "mobile_apps/2",
"type": "GET",
"rel": "mobile_apps"
},
{
"href": "security_findings?mobile_app_id=2",
"type": "GET",
"rel": "security_findings"
},
{
"href": "security_finding_targets?mobile_app_id=2",
"type": "GET",
"rel": "self"
}
],
"current_status_date": "2021-09-30T12:49:05.140960",
"text": "default value",
"mobile_app_id": 2,
"current_status": "CLOSED_COMPENSATING_CONTROL",
"issue_type_id": "db11bae9-9a59-56b9-9732-7d3493a617f3",
"portal_url": "https://www.securetheorem.com/mobile/app/2/issues/004727/targets/10",
"id": 10,
"statuses": [],
"results_last_updated": "2021-09-30T12:49:05.140960"
},
"mobile_app": {
"platform": "IOS",
"id": 2,
"release_type": "APP_STORE",
"bundle_id": "com.example.mobile.app"
}
},
"version": 1,
"type": "MOBILE_SECURE__CUSTOMER_SECURITY_FINDING_TARGET_CLOSED_COMPENSATING_CONTROL"
},
"time": 123456789
}

Security Finding Target Closed Because The Issue Has Been Fixed

{
"host": "securetheorem.com",
"event": {
"data": {
"finding": {
"is_permanently_closed": false,
"associated_cwe_ids": [],
"links": [
{
"href": "mobile_apps/2",
"type": "GET",
"rel": "mobile_apps"
},
{
"href": "security_findings?mobile_app_id=2",
"type": "GET",
"rel": "self"
},
{
"href": "security_finding_targets?mobile_app_id=2",
"type": "GET",
"rel": "security_finding_targets"
}
],
"compliance_policy_references": [],
"severity": "MEDIUM",
"mobile_app_id": 2,
"aggregated_status": "NEW",
"associated_cve_ids": [],
"recommendation": "Some recommendation from datatheorem",
"id": "006843",
"description": "Description for this issue",
"category": "UNAUTHORIZED_DATA_COLLECTION",
"importance_tags": [
"SECURITY"
],
"issue_type_id": "82b2e067-bacf-50d7-b651-e4b07583c76b",
"notes": [],
"title": "Title of the security finding",
"portal_url": "https://www.securetheorem.com/mobile/app/2/issues/006843",
"results_last_updated": "2021-09-30T12:49:02.577982",
"exploitability": "MODERATE"
},
"finding_target": {
"additional_contexts": [],
"security_finding_id": "006843",
"links": [
{
"href": "mobile_apps/2",
"type": "GET",
"rel": "mobile_apps"
},
{
"href": "security_findings?mobile_app_id=2",
"type": "GET",
"rel": "security_findings"
},
{
"href": "security_finding_targets?mobile_app_id=2",
"type": "GET",
"rel": "self"
}
],
"current_status_date": "2021-09-30T12:49:02.577982",
"text": "default value",
"mobile_app_id": 2,
"current_status": "CLOSED_FIXED",
"issue_type_id": "82b2e067-bacf-50d7-b651-e4b07583c76b",
"portal_url": "https://www.securetheorem.com/mobile/app/2/issues/006843/targets/10",
"id": 10,
"statuses": [],
"results_last_updated": "2021-09-30T12:49:02.577982"
},
"mobile_app": {
"platform": "IOS",
"id": 2,
"release_type": "APP_STORE",
"bundle_id": "com.example.mobile.app"
}
},
"version": 1,
"type": "MOBILE_SECURE__CUSTOMER_SECURITY_FINDING_TARGET_CLOSED_FIXED"
},
"time": 123456789
}

Security Finding Target Closed Because The Risk Is Accepted

{
"host": "securetheorem.com",
"event": {
"data": {
"finding": {
"is_permanently_closed": false,
"associated_cwe_ids": [],
"links": [
{
"href": "mobile_apps/2",
"type": "GET",
"rel": "mobile_apps"
},
{
"href": "security_findings?mobile_app_id=2",
"type": "GET",
"rel": "self"
},
{
"href": "security_finding_targets?mobile_app_id=2",
"type": "GET",
"rel": "security_finding_targets"
}
],
"compliance_policy_references": [],
"severity": "MEDIUM",
"mobile_app_id": 2,
"aggregated_status": "NEW",
"associated_cve_ids": [],
"recommendation": "Some recommendation from datatheorem",
"id": "005366",
"description": "Description for this issue",
"category": "DATA_LOSS_TO_HACKERS",
"importance_tags": [
"SECURITY"
],
"issue_type_id": "c674d58b-e9a9-5003-bae6-93e881872375",
"notes": [],
"title": "Title of the security finding",
"portal_url": "https://www.securetheorem.com/mobile/app/2/issues/005366",
"results_last_updated": "2021-09-30T12:49:05.749302",
"exploitability": "MODERATE"
},
"finding_target": {
"additional_contexts": [],
"security_finding_id": "005366",
"links": [
{
"href": "mobile_apps/2",
"type": "GET",
"rel": "mobile_apps"
},
{
"href": "security_findings?mobile_app_id=2",
"type": "GET",
"rel": "security_findings"
},
{
"href": "security_finding_targets?mobile_app_id=2",
"type": "GET",
"rel": "self"
}
],
"current_status_date": "2021-09-30T12:49:05.749302",
"text": "default value",
"mobile_app_id": 2,
"current_status": "CLOSED_RISK_ACCEPTED",
"issue_type_id": "c674d58b-e9a9-5003-bae6-93e881872375",
"portal_url": "https://www.securetheorem.com/mobile/app/2/issues/005366/targets/10",
"id": 10,
"statuses": [],
"results_last_updated": "2021-09-30T12:49:05.749302"
},
"mobile_app": {
"platform": "ANDROID",
"id": 2,
"release_type": "APP_STORE",
"bundle_id": "com.example.mobile.app"
}
},
"version": 1,
"type": "MOBILE_SECURE__CUSTOMER_SECURITY_FINDING_TARGET_CLOSED_RISK_ACCEPTED"
},
"time": 123456789
}

Security Finding Target Created

{
"host": "securetheorem.com",
"event": {
"data": {
"finding": {
"is_permanently_closed": false,
"associated_cwe_ids": [],
"links": [
{
"href": "mobile_apps/2",
"type": "GET",
"rel": "mobile_apps"
},
{
"href": "security_findings?mobile_app_id=2",
"type": "GET",
"rel": "self"
},
{
"href": "security_finding_targets?mobile_app_id=2",
"type": "GET",
"rel": "security_finding_targets"
}
],
"compliance_policy_references": [],
"severity": "LOW",
"mobile_app_id": 2,
"aggregated_status": "NEW",
"associated_cve_ids": [],
"recommendation": "Some recommendation from datatheorem",
"id": "006470",
"description": "Description of the issue",
"category": "DATA_AT_REST_EXPOSURE",
"importance_tags": [
"SECURITY"
],
"issue_type_id": "f16949d9-7170-5e3a-b95e-472e74c31382",
"notes": [],
"title": "Title of the security finding",
"portal_url": "https://www.securetheorem.com/mobile/app/2/issues/006470",
"results_last_updated": "2021-09-30T12:49:03.222689",
"exploitability": "EASY"
},
"finding_target": {
"additional_contexts": [],
"security_finding_id": "006470",
"links": [
{
"href": "mobile_apps/2",
"type": "GET",
"rel": "mobile_apps"
},
{
"href": "security_findings?mobile_app_id=2",
"type": "GET",
"rel": "security_findings"
},
{
"href": "security_finding_targets?mobile_app_id=2",
"type": "GET",
"rel": "self"
}
],
"current_status_date": "2021-09-30T12:49:03.222689",
"text": "default value",
"mobile_app_id": 2,
"current_status": "NEW",
"issue_type_id": "f16949d9-7170-5e3a-b95e-472e74c31382",
"portal_url": "https://www.securetheorem.com/mobile/app/2/issues/006470/targets/8",
"id": 8,
"statuses": [],
"results_last_updated": "2021-09-30T12:49:03.222689"
},
"mobile_app": {
"platform": "ANDROID",
"id": 2,
"release_type": "APP_STORE",
"bundle_id": "com.example.mobile.app"
}
},
"version": 1,
"type": "MOBILE_SECURE__CUSTOMER_SECURITY_FINDING_TARGET_CREATED"
},
"time": 123456789
}

API Protection Report

{
"host": "securetheorem.com",
"event": {
"data": {
"report_version": 12,
"start_timestamp": 1611733052.00321,
"end_timestamp": 3261389251.112,
"deployment_info": {},
"inbound_request": {
"request_id": "d6cd1804-fcfd-476d-b1a3-c0add569e9f2",
"timestamp": 1651169787.362516,
"protocol": "HTTP/1.1",
"method": "POST",
"host": "test.com",
"port": 443,
"path": "/v1/path/of/request",
"query": {
"query_key": "**omitted** type=str entropy=query_value"
},
"headers": {
"accept": "*/*",
"accept-encoding": "gzip, deflate",
"cache-control": "no-cache",
"content-length": "422",
"content-type": "application/csp-report",
"host": "q2fp0r1bc6.execute-api.us-west-2.amazonaws.com",
"origin": "https://www.datatheorem.com",
"pragma": "no-cache",
"referer": "https://www.datatheorem.com/",
"user-agent": "Mozilla/5.0 (Linux; U; Android 8.1.0; zh-CN; EML-AL00 Build/HUAWEIEML-AL00) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 baidu.sogo.uc.UCBrowser/11.9.4.974 UWS/2.13.1.48 Mobile Safari/537.36 AliApp(DingTalk/4.5.11) com.alibaba.android.rimet/10487439 Channel/227200 language/zh-CN",
"x-amzn-trace-id": "Root=1-6114050a-4b8c4350788fee1270e80a7a",
"x-forwarded-for": "27.115.124.6",
"x-forwarded-port": "443",
"x-forwarded-proto": "https"
},
"body": null,
"scheme": "https",
"context": {
"account": "user_datatheorem",
"detail": {
"additionalEventData": {
"AuthenticationMethod": "password",
"CipherSuite": "rsa",
"SignatureVersion": "3.0",
"bytesTransferredIn": 1231291249,
"bytesTransferredOut": 98098742123,
"objectRetentionInfo": null
},
"x-amz-id-2": "X7qs82SKLMLCJQKGGUI123BQSDqsqsd098123DQSDJHSQouiouikJHZ"
},
"awsRegion": "us-west-1",
"errorCode": "128",
"errorMessage": "Operation failed due to an unknown issue. Please retry or contact support",
"eventCategory": null,
"eventID": "4b1508f6-f74d-40dc-99af-717d4ae99e76",
"eventName": "Api call via cloud trail",
"eventSource": "aws",
"eventTime": "2024-10-04T18:14:55+0000",
"eventType": "Api protect report",
"eventVersion": "3.2.2",
"managementEvent": null,
"recipientAccountId": "21392f76-3a52-469e-92a2-8b65211c5f31",
"requestID": "99984771",
"requestParameters": {
"Host": "www.example-datatheorem.com",
"bucketName": "data-theorem-bucket-name",
"key": "ght_qs31sd2q3g4ftjukdgfg5i",
"legal-hold": null,
"retention": null
}
},
"resources": [
{
"ARN": "arn:aws:iam::485017637372:role/DataTheoremAwsI-DataTheoremAwsInstallerSt-3kmKxDcXLx5C",
"accountId": "426c2307-bc39-4433-9a9d-377daaabe383",
"type": "normal"
},
{
"ARN": "arn:aws:iam::9856270188563:role/DataTheoremAwsI-DataTheoremAwsInstallerSt-6puZxEcXKx1T",
"accountId": "89da1029-150b-4ae5-917a-be27b6c66f80",
"type": "normal"
}
],
"responseElements": null,
"sourceIPAddress": "8.8.8.8",
"tlsDetails": {
"cipherSuite": "tsl_ecdhe_rsa_with_sha384",
"clientProvidedHostHeader": "example.com",
"tlsVersion": "TLS 1.3"
},
"userAgent": "Mozilla/5.0 (Linux; U; Android 8.1.0; zh-CN; EML-AL00 Build/HUAWEIEML-AL00) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 baidu.sogo.uc.UCBrowser/11.9.4.974 UWS/2.13.1.48 Mobile Safari/537.36 AliApp(DingTalk/4.5.11) com.alibaba.android.rimet/10487439 Channel/227200 language/zh-CN",
"userIdentity": {
"accessKeyId": "1283492I123",
"accountId": "eb3e195c-2a4d-4771-b1aa-f66dd31c25e5",
"arn": "arn:aws:iam::485017637372:role/DataTheoremAwsI-DataTheoremAwsInstallerSt-3kmKxDcXLx5C",
"principalId": "213123999213",
"sessionContext": null,
"type": "normal"
},
"vpcEndpointId": "vpce-0f2a8c3d8z1g23h8j",
"x-amazon-open-api-schema-readOnly": true
},
"detail-type": "AWS API Call via CloudTrail",
"id": "d6cd1804-fcfd-476d-b1a3-c0add569e9f2",
"region": "us-west-1",
"resources": [],
"source": "aws.s3",
"time": "2024-10-04T18:14:55+0000",
"version": "12.0.0"
},
"source_ip_address": "8.8.8.8",
"auth_id": null,
"user_agent": "Mozilla/5.0 (Linux; U; Android 8.1.0; zh-CN; EML-AL00 Build/HUAWEIEML-AL00) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 baidu.sogo.uc.UCBrowser/11.9.4.974 UWS/2.13.1.48 Mobile Safari/537.36 AliApp(DingTalk/4.5.11) com.alibaba.android.rimet/10487439 Channel/227200 language/zh-CN",
"content_length": 17,
"content_type": "application/json",
"cookies": null,
"forwarded": [
"27.115.124.6"
],
"forwarded_scheme": "https"
},
"inbound_request_allowed": true,
"events": [
{
"event_type": "BOLA_ATTACK",
"event_action": "LOG",
"event_context": {},
"event_timestamp": 1633956341.602299
},
{
"event_type": "BOT_DETECTED",
"event_action": "LOG",
"event_context": {
"name": "360Spider",
"category": "Search bot",
"url": "https://perdu.com"
},
"event_timestamp": 1633956341.602299
},
{
"event_type": "SQLI_ATTACK",
"event_action": "LOG",
"event_context": {
"version": 1,
"location": "QUERY",
"payload": "SQLI_PAYLOAD",
"path": [
"bad_key"
]
},
"event_timestamp": 1633956341.602299
},
{
"event_type": "SSRF_ATTACK",
"event_action": "LOG",
"event_context": {
"version": 1,
"payload": "http://127.0.0.1:80",
"location": "QUERY",
"path": "query-key"
},
"event_timestamp": 1633956341.602299
}
],
"internal_logs": [
"[INFO] 2021-10-11 12:45:38,798 main Enabling Data Theorem Api Protection Agent",
"[INFO] 2021-10-11 12:45:41,581 agent Checking request",
"[INFO] 2021-10-11 12:45:41,581 agent request_is_allowed:True blocked_reason:None",
"[INFO] 2021-10-11 12:45:41,581 agent Enabling DataTheorem API Protection",
"[INFO] 2021-10-11 12:45:41,582 agent Instrumenting libraries",
"[INFO] 2021-10-11 12:45:41,601 agent Adding audits"
],
"config_source": "Peter",
"config_version": 12,
"config_timestamp": 5611233355.821321,
"sdk_version": "12.0.0",
"client_type": "CLOUD_PROTECT",
"inbound_request_blocked_reason": null
}