API Reference

Intel

Attack Surface Report

Issues

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

Retrieves Security Center Issues

Deprecated

client.Intel.AttackSurfaceReport.Issues.List(ctx, params) (*V4PagePagination[AttackSurfaceReportIssueListResponse], error)

GET/accounts/{account_id}/intel/attack-surface-report/issues

Lists all Security Center issues for the account, showing active security problems requiring attention.

Security

API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY

API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194

Accepted Permissions (at least one required)

Intel WriteIntel Read

ParametersExpand Collapse

params AttackSurfaceReportIssueListParams

AccountID param.Field[string]

Path param: Identifier.

maxLength32

Dismissed param.Field[bool]Optional

Query param

IssueClass param.Field[[]string]Optional

Query param

IssueClassNeq param.Field[[]string]Optional

Query param

IssueType param.Field[[]IssueType]Optional

Query param

const IssueTypeComplianceViolation IssueType = "compliance_violation"

const IssueTypeEmailSecurity IssueType = "email_security"

const IssueTypeExposedInfrastructure IssueType = "exposed_infrastructure"

const IssueTypeInsecureConfiguration IssueType = "insecure_configuration"

const IssueTypeWeakAuthentication IssueType = "weak_authentication"

const IssueTypeConfigurationSuggestion IssueType = "configuration_suggestion"

IssueTypeNeq param.Field[[]IssueType]Optional

Query param

const IssueTypeComplianceViolation IssueType = "compliance_violation"

const IssueTypeEmailSecurity IssueType = "email_security"

const IssueTypeExposedInfrastructure IssueType = "exposed_infrastructure"

const IssueTypeInsecureConfiguration IssueType = "insecure_configuration"

const IssueTypeWeakAuthentication IssueType = "weak_authentication"

const IssueTypeConfigurationSuggestion IssueType = "configuration_suggestion"

Page param.Field[int64]Optional

Query param: Specifies the current page within paginated list of results.

PerPage param.Field[int64]Optional

Query param: Sets the number of results per page of results.

maximum1000

minimum1

Product param.Field[[]string]Optional

Query param

ProductNeq param.Field[[]string]Optional

Query param

Severity param.Field[[]SeverityQueryParam]Optional

Query param

const SeverityQueryParamLow SeverityQueryParam = "low"

const SeverityQueryParamModerate SeverityQueryParam = "moderate"

const SeverityQueryParamCritical SeverityQueryParam = "critical"

SeverityNeq param.Field[[]SeverityQueryParam]Optional

Query param

const SeverityQueryParamLow SeverityQueryParam = "low"

const SeverityQueryParamModerate SeverityQueryParam = "moderate"

const SeverityQueryParamCritical SeverityQueryParam = "critical"

Subject param.Field[[]string]Optional

Query param

SubjectNeq param.Field[[]string]Optional

Query param

ReturnsExpand Collapse

type AttackSurfaceReportIssueListResponse struct{…}

Count int64Optional

Indicates the total number of results.

Issues []AttackSurfaceReportIssueListResponseIssueOptional

ID stringOptional

Dismissed boolOptional

HasExtendedContext boolOptional

Indicates whether the insight has a large payload that requires fetching via the context endpoint.

IssueClass stringOptional

IssueType IssueTypeOptional

One of the following:

const IssueTypeComplianceViolation IssueType = "compliance_violation"

const IssueTypeEmailSecurity IssueType = "email_security"

const IssueTypeExposedInfrastructure IssueType = "exposed_infrastructure"

const IssueTypeInsecureConfiguration IssueType = "insecure_configuration"

const IssueTypeWeakAuthentication IssueType = "weak_authentication"

const IssueTypeConfigurationSuggestion IssueType = "configuration_suggestion"

Payload AttackSurfaceReportIssueListResponseIssuesPayloadOptional

DetectionMethod stringOptional

Describes the method used to detect insight.

ZoneTag stringOptional

ResolveLink stringOptional

ResolveText stringOptional

Severity AttackSurfaceReportIssueListResponseIssuesSeverityOptional

One of the following:

const AttackSurfaceReportIssueListResponseIssuesSeverityLow AttackSurfaceReportIssueListResponseIssuesSeverity = "Low"

const AttackSurfaceReportIssueListResponseIssuesSeverityModerate AttackSurfaceReportIssueListResponseIssuesSeverity = "Moderate"

const AttackSurfaceReportIssueListResponseIssuesSeverityCritical AttackSurfaceReportIssueListResponseIssuesSeverity = "Critical"

Since TimeOptional

formatdate-time

Status AttackSurfaceReportIssueListResponseIssuesStatusOptional

The current status of the insight.

One of the following:

const AttackSurfaceReportIssueListResponseIssuesStatusActive AttackSurfaceReportIssueListResponseIssuesStatus = "active"

const AttackSurfaceReportIssueListResponseIssuesStatusResolved AttackSurfaceReportIssueListResponseIssuesStatus = "resolved"

Subject stringOptional

Timestamp TimeOptional

formatdate-time

UserClassification AttackSurfaceReportIssueListResponseIssuesUserClassificationOptional

User-defined classification for the insight. Can be ‘false_positive’, ‘accept_risk’, ‘other’, or null.

One of the following:

const AttackSurfaceReportIssueListResponseIssuesUserClassificationFalsePositive AttackSurfaceReportIssueListResponseIssuesUserClassification = "false_positive"

const AttackSurfaceReportIssueListResponseIssuesUserClassificationAcceptRisk AttackSurfaceReportIssueListResponseIssuesUserClassification = "accept_risk"

const AttackSurfaceReportIssueListResponseIssuesUserClassificationOther AttackSurfaceReportIssueListResponseIssuesUserClassification = "other"

Page int64Optional

Specifies the current page within paginated list of results.

PerPage int64Optional

Sets the number of results per page of results.

maximum1000

minimum1

Retrieves Security Center Issues

Go

HTTP

TypeScript

Python

Go

Terraform

package main

import (
  "context"
  "fmt"

  "github.com/stainless-sdks/cloudflare-go"
  "github.com/stainless-sdks/cloudflare-go/intel"
  "github.com/stainless-sdks/cloudflare-go/option"
)

func main() {
  client := cloudflare.NewClient(
    option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"),
  )
  page, err := client.Intel.AttackSurfaceReport.Issues.List(context.TODO(), intel.AttackSurfaceReportIssueListParams{
    AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
  })
  if err != nil {
    panic(err.Error())
  }
  fmt.Printf("%+v\n", page)
}

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "count": 1,
    "issues": [
      {
        "id": "id",
        "dismissed": false,
        "has_extended_context": false,
        "issue_class": "always_use_https_not_enabled",
        "issue_type": "compliance_violation",
        "payload": {
          "detection_method": "We detected security rules referencing multiple IP addresses directly in the rules.",
          "zone_tag": "zone_tag"
        },
        "resolve_link": "resolve_link",
        "resolve_text": "resolve_text",
        "severity": "Low",
        "since": "2019-12-27T18:11:19.117Z",
        "status": "active",
        "subject": "example.com",
        "timestamp": "2019-12-27T18:11:19.117Z",
        "user_classification": "false_positive"
      }
    ],
    "page": 1,
    "per_page": 25
  }
}

Returns Examples

200 example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "count": 1,
    "issues": [
      {
        "id": "id",
        "dismissed": false,
        "has_extended_context": false,
        "issue_class": "always_use_https_not_enabled",
        "issue_type": "compliance_violation",
        "payload": {
          "detection_method": "We detected security rules referencing multiple IP addresses directly in the rules.",
          "zone_tag": "zone_tag"
        },
        "resolve_link": "resolve_link",
        "resolve_text": "resolve_text",
        "severity": "Low",
        "since": "2019-12-27T18:11:19.117Z",
        "status": "active",
        "subject": "example.com",
        "timestamp": "2019-12-27T18:11:19.117Z",
        "user_classification": "false_positive"
      }
    ],
    "page": 1,
    "per_page": 25
  }
}