Table of contents

Coming Soon - Assessments API Service

Topics on this page
Available as Preview
What is the Assessments API?
Endpoints Used
Region Support
User Access
Authorization Requirements
How does the Assessments API help me?
How does the Assessments API work?
Service Limits
Supported rules
For Conformity
For Workload Security:
Feedback and Support

Available as Preview

We’re previewing this feature with selected Cloud One customers and will be looking forward to your feedback.

What is the Assessments API?

The Assessments service enables you to collect Assessments made by Cloud One on your cloud infrastructure. These assessments provide you guidance and appraisal on your infrastructure’s security posture, and progress towards achieving an ideal security best practice architecture.

You can use assessments data to build reports, or feed into SIEM, dashboarding tools, or task management tools.

The service will initially support assessments from Conformity and Workload Security with more assessments from all services to be added in the future based on customer demand.

Endpoints Used

GET/assessments

Region Support

We currently support: the US-1 Region. If you would like us to support your service regions, let us know and we can help make that happen.

User Access

Available only to new accounts, created on or after August 4, 2021. Learn more. For all other account types, please follow the feedback process below.

Authorization Requirements

You will need to create a Cloud One API key to authorize the API request.

How does the Assessments API help me?

Assessments API provides you with a single pane of glass for viewing assessments from your activated Cloud One services. Enabling you to measure and view your security posture in one place with one API call.

How does the Assessments API work?

When a user calls the Assessments API, the request retrieves and combines assessments from multiple Cloud One services into a consolidated single list of assessments. The assessment data is cached for 1 hour.

Service Limits

The current limit for assessments service is maximum 3500 Checks for Workload Security and 2000 Checks for Conformity.

Supported rules

For Conformity

We currently support Conformity rules for the following services:

  • AWS: EC2, IAM

  • Azure: VirtualMachines, ActiveDirectory, and AccessControl

  • GCP: ComputeEngine, CloudIAM

For Workload Security:

  • Workload Security Assessment: EC2 instance is inside a connector 

  • Workload Security Assessment: Cloud Account is synchronised 

  • Workload Security Assessment: Anti-Malware is operating correctly 

  • Workload Security Assessment: Recommendation Scan run recently

  • Workload Security Assessment: Agent is installed 

  • Workload Security Assessment: Computer has less than 500 identified Vulnerabilities 

  • Workload Security Assessment: Virtual Patching is enabled to mitigate critical vulnerabilities 

Feedback and Support

If you would like access, need support or wish to provide feedback for this feature, please email Nicolas Boutmy at nicolas_boutmy@trendmicro.com.