Get ICS Threat Intelligence report

Expand all | Collapse all

The ics/get_one endpoint is used to display specific information for an ICS Threat Intelligence report, identified by publication_id.

Request

Request method: POST

Endpoint: https://tip.kaspersky.com/api/ics/get_one

Query parameters:

Expected parameters

Parameter

Description

publication_id

ICS Threat Intelligence report ID: the id parameter (a string) returned by the get_list endpoint.

include_info

List of the optional parameters separated by comma:

all—All available formats.

pdf—ICS Threat Intelligence report in PDF format.

execsum—Brief report summary for business purposes (executive summary) in PDF format.

yara—ICS Threat Intelligence report in YARA Rules format.

iocs—OpenIOC file that includes description of indicators of compromise.

suricata—File that contains Suricata rules associated with the ICS Threat Intelligence report.

lang

Language for an ICS Threat Intelligence report. The value can be one of the following: ru (Russian), en (English), pt (Portuguese), or es (Spanish). A list of available languages for an ICS Threat Intelligence report is returned by the pdfs in the get_list endpoint. If the lang parameter is not specified, an English version of the ICS Threat Intelligence report will be returned.

Request example:

Retrieve the executive summary and the PDF report for the specific ICS report:

curl -u <user_name> -H 'Content-Length: 0' --cert <full path to the certificate CERT_NAME.pem on your computer> -X POST 'https://tip.kaspersky.com/api/ics/get_one?publication_id={ICS report ID}&include_info=execsum,pdf'

Responses

200 OK

401 Unauthorized

403 Forbidden

451 Unavailable For Legal Reasons

See also:

Get ICS Threat Intelligence report list

Get Master IOC

Get Master YARA

Page top