Author Bio

Rick Ehrhart

API Evangelist

Have you heard the good news? Rick has descended on Kenna Security to enhance the platform API with his extensive know-how and to help support developers by providing complete, working code examples. He’s here to spread his message.

WHAT HE REALLY DOES: Rick attempts to keep engineering honest when it comes to API documentation so developers don’t have to ask too many questions.

WHY READ HIS BLOG: He speaks from experience. When Rick was a developer, he labored to learn the ins and outs of a company’s API set. To assist fellow developers, he shows how and why to use Kenna Security APIs.

ODD FACT: Rick was once a late night radio DJ. So don’t touch that dial.

Read My Posts

API Guy: Uploading a File to a Connector

Greetings. Let’s jump right to it. This blog will discuss: How to upload a file to a connector A new Python CSV to Kenna Data Importer (KDI) JSON Uploading a File to a Connector As you might recall from the previous blog, Automating Connector Runs, in section “Obtaining connector runs”, uploading files to the connector…

API Guy: Extracting Talos Zero Day Information via Kenna APIs

Kenna Security released the new Kenna.VM Premier tier offering on November 15th. One of the features in the Premier tier is a Cisco Talos zero day vulnerability intelligence integration. This is discussed in more detail in Monica White’s blog on “Kenna.VM Premier: Accelerate Vulnerability Management with Cisco Talos Intel and Remediation Analytics“. And for a…

API Support for CVSS v3

CVSS v3 scores are now returned in the “List and Show Vulnerabilities” APIs. Also CVSS v3 fields can be searched with the “Search Vulnerabilities” API and build a Risk Meter. Of course I feel that the Kenna Risk Score is a better number to use to remediate vulnerabilities, but some people have contractual requirements to…

Kenna API Documentation Updates

Greetings. It has been a while since my last blog, but I have been focused on improving the Kenna API documentation. Instead of presenting the code, I wrote this blog will cover some of the Kenna API documentation updates. Of course, there will be some code presented. What is a developer’s blog without some code,…

How to Work with Custom Fields: Part Two

Recently some developers have been asking about vulnerability management (VM) custom fields attached to vulnerabilities. In attempting to answer their questions, it was discovered the API documentation was incorrect. Now the documentation has been fixed, I thought a blog on custom fields would be helpful. If you’re curious about why this is Part Two, it…

Listing Unique Asset Tags: Part One

Our customer service engineers wanted a script to list unique asset tags, and metadata data about assets. Currently, there is no straightforward way, like invoking one API, to list asset tags. You can only list the asset tags for a specific asset. This first implementation discovers all the unique asset tags and counts their usage. …