Automate All The Things: Our New-and-Improved API

Mike    January 29, 2013

We recently updated our API and wanted to let you know about it.

For those of you unfamiliar with the Risk I/O API, it can be used to automate many functions of Risk I/O including the ability to add vulnerabilities from the few scanners Risk I/O doesn’t directly support, information gleaned from manual assessments, data integration between SIEM, GRC and asset management, as well as update both your vulnerability and asset information directly.  The RESTful API is very straightforward to use, only requiring a Risk I/O API key and target URL.

The Risk I/O API

The Risk I/O API can be used with your API key generated in the Connectors tab.

Even if you haven’t used our API in the past, we think you’ll really appreciate the improvements we have made. In addition to its previous functionality, with the new API you can now:

  • Edit and delete vulnerabilities
  • Edit assets including priority scores and tags
  • Make API calls via http token-based authentication
  • View your data in JSON format

We’ve put together some extensive documentation on the API that guides you through everything from authentication to asset tagging. You can access it at

Risk I/O API Documentation

The API documentation covers how to use the API and offers several reference docs.

As we continue to explore additional ways to improve the API, we would appreciate and value any feedback you have. You can send it to

Leave a Reply

Your email address will not be published. Required fields are marked *