Retrieve a list of matching Product Names that can be used in search?

[darrenparkinson]

We would like a reliable way to check a list of products that we have against the openvuln API using the query by product name GET /security/advisories/product/{product_keyword}.

At present, I don't see how I could reliably retrieve a list of Product Keywords that I could match against given a list of SKUs for example?

Ideally we would be able to use a product SKU in the product keyword, or have some way of associating a SKU with a product keyword? Further to that, it would be useful to specify the product SKU AND the version to check for matching vulnerabilities.

Many thanks for any feedback you can provide.

[santosomar]

Hi @darrenparkinson . Unfortunately, there is no support (yet) for SKU or PIDs in the API. The keyword search in the API is basically the same functionality of the search /filter function at the following site: https://tools.cisco.com/security/center/publicationListing.x?apply=0&totalbox=1&pt0=Cisco#~FilterByProduct

[ttoor-r7]

Has this functionality changed since May last year?

[santosomar]

Hi @ttoor-r7 , at this time there are no plans to include SKUs or PIDs in the API query functionality.

[santosomar]

This could be better addressed by supporting something like the Software Package Data Exchange® (SPDX)

[robphill]

Hi @darrenparkinson . Unfortunately, there is no support (yet) for SKU or PIDs in the API. The keyword search in the API is basically the same functionality of the search /filter function at the following site: https://tools.cisco.com/security/center/publicationListing.x?apply=0&totalbox=1&pt0=Cisco#~FilterByProduct

Is there anyway to extract that list programmatically for use in API instrumentation?