Main Site HUB Security Scorecard API 4.1 Generate a Score Improvement Plan

HUB

4.1 Generate a Score Improvement Plan

Generate A Score Improvement Plan

SecurityScorecard allows you to create a score improvement plan that you can use to start improving your security rating.




Generate A Score Improvement Plan

This API endpoint allows you to generate a score improvement plan that you can use to start improving your security rating. You can check out the full specification for this endpoint here

Resource URI

/companies/{domain}/score-plans/by-target/{score}

Parameters:

Name Required Description
Domain Y The primary domain identifying a company in SecurityScorecard.
Score Y The score you want to reach (ex: 90)

Sample Code:


            curl -X GET \
                https://api.securityscorecard.io/companies/ovofinance.com/score-plans/by-target/90 \
                -H 'Accept: application/json' \
                -H 'Authorization: Token <Your API Key>' \
                -H 'Content-Type: application/json' \
                -H 'cache-control: no-cache'
        

Sample Response:


{
    "entries": [
        {
            "factor": "application_security",
            "findings": 719,
            "issue_type": "domain_missing_https",
            "remediations": 719,
            "severity": "high",
            "title": "Site does not enforce HTTPS"
        },
        {
            "factor": "application_security",
            "findings": 570,
            "issue_type": "hsts_incorrect",
            "remediations": 567,
            "severity": "medium",
            "title": "Website Does Not Implement HSTS Best Practices"
        },
        {
            "factor": "application_security",
            "findings": 37,
            "issue_type": "x_frame_options_incorrect",
            "remediations": 37,
            "severity": "medium",
            "title": "Website does not implement X-Frame-Options Best Practices"
        },
        {
            "factor": "dns_health",
            "findings": 29,
            "issue_type": "spf_record_softfail",
            "remediations": 29,
            "severity": "low",
            "title": "SPF Record Contains a Softfail"
        },
        {
            "factor": "application_security",
            "findings": 3,
            "issue_type": "redirect_chain_contains_http",
            "remediations": 3,
            "severity": "medium",
            "title": "Redirect Chain Contains HTTP"
        },
        {
            "factor": "application_security",
            "findings": 2,
            "issue_type": "insecure_https_redirect_pattern",
            "remediations": 2,
            "severity": "medium",
            "title": "Insecure HTTPS Redirect Pattern"
        },
        {
            "factor": "application_security",
            "findings": 2,
            "issue_type": "cookie_missing_http_only",
            "remediations": 2,
            "severity": "low",
            "title": "Session Cookie Missing 'HttpOnly' Attribute"
        },
        {
            "factor": "network_security",
            "findings": 4,
            "issue_type": "tlscert_revoked",
            "remediations": 1,
            "severity": "high",
            "title": "Certificate Is Revoked"
        },
        {
            "factor": "dns_health",
            "findings": 1,
            "issue_type": "spf_record_malformed",
            "remediations": 1,
            "severity": "low",
            "title": "Malformed SPF Record"
        }
    ],
    "projected_total_score": 90.8646847552468,
    "size": 9
}