get-blocks
Retrieve standardized security finding templates (blocks) from OnSecurity for vulnerability descriptions, risks, and recommendations. Filter and sort by round type, approval status, usage frequency, or custom criteria to streamline findings across pentests and scans.
Instructions
Get all blocks data from OnSecurity. Blocks are reusable security finding templates that can be used across different assessments. They contain standardized vulnerability descriptions, risks, and recommendations. Each block also reports how often it is used. Because blocks are the basis of findings across pentests and scans, this usage count is a way to get the most common findings ACROSS ALL CLIENTS ONLY.
Input Schema
Name | Required | Description | Default |
---|---|---|---|
approved | No | Optional filter for approved blocks only | |
automation_approved | No | Optional filter for automation approved blocks only | |
fields | No | Optional comma-separated list of fields to return (e.g. 'id,name,approved'). Use * as wildcard. | |
filters | No | Optional additional filters in format {field: value} or {field-operator: value} where operator can be mt (more than), mte (more than equal), lt (less than), lte (less than equal), eq (equals, default) | |
includes | No | Optional related data to include as comma-separated values. Available: block_business_risks, block_field_variants, block_imports, block_references, block_remediations, block_target_types, block_variables, business_risks, remediations, revisions (e.g. 'block_business_risks,block_remediations') | |
limit | No | Optional limit parameter for max results per page (e.g. 15) | |
page | No | Optional page number to fetch (default: 1) | |
round_type_id | No | Optional round type ID to filter blocks, 1 = pentest round, 3 = scan round | |
search | No | Optional search term to filter blocks by matching text | |
sort | No | Optional sort parameter in format 'field-direction'. Available values: id-asc, round_type_id-asc, name-asc, approved-asc, used_count-asc, created_at-asc, updated_at-asc, id-desc, round_type_id-desc, name-desc, approved-desc, used_count-desc, created_at-desc, updated_at-desc. Default: id-asc | |
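
The following is an added example, not code from OnSecurity: a client-side check that rejects arguments the input schema above does not allow before they are sent to get-blocks. The helper name `build_get_blocks_args`, the positive-integer rule for `limit` and `page`, and filtering on `used_count` are assumptions.

```python
# Added example: validate get-blocks arguments against the input schema above
# before calling the tool. build_get_blocks_args is a hypothetical helper.
SORT_FIELDS = {"id", "round_type_id", "name", "approved", "used_count",
               "created_at", "updated_at"}
INCLUDES = {"block_business_risks", "block_field_variants", "block_imports",
            "block_references", "block_remediations", "block_target_types",
            "block_variables", "business_risks", "remediations", "revisions"}
OPERATORS = {"mt", "mte", "lt", "lte", "eq"}
ROUND_TYPES = {1: "pentest round", 3: "scan round"}


def build_get_blocks_args(*, round_type_id=None, sort="id-asc", filters=None,
                          includes=(), fields=(), limit=None, page=None,
                          search=None):
    """Return a dict of tool arguments, raising ValueError on schema misuse."""
    field, _, direction = sort.rpartition("-")
    if field not in SORT_FIELDS or direction not in ("asc", "desc"):
        raise ValueError(f"unsupported sort: {sort!r}")
    if round_type_id is not None and round_type_id not in ROUND_TYPES:
        raise ValueError(f"unknown round_type_id: {round_type_id!r}")
    unknown = set(includes) - INCLUDES
    if unknown:
        raise ValueError(f"unknown includes: {sorted(unknown)}")
    for key in (filters or {}):
        # Keys are 'field' (implicit eq) or 'field-operator'.
        _, dash, op = key.partition("-")
        if dash and op not in OPERATORS:
            raise ValueError(f"unknown filter operator in {key!r}")
    for name, value in (("limit", limit), ("page", page)):
        # Assumption: both are positive integers (the page gives 15 and 1).
        if value is not None and (not isinstance(value, int) or value < 1):
            raise ValueError(f"{name} must be a positive integer")
    args = {
        "round_type_id": round_type_id,
        "sort": sort,
        "filters": dict(filters) if filters else None,
        "includes": ",".join(includes) or None,
        "fields": ",".join(fields) or None,
        "limit": limit, "page": page, "search": search,
    }
    return {k: v for k, v in args.items() if v is not None}


# Constructed sample: the ten most-used pentest blocks used at least 5 times.
# Filtering on used_count is an assumption; the page lists it only for sort.
TOP_PENTEST = build_get_blocks_args(
    round_type_id=1, sort="used_count-desc", filters={"used_count-mte": 5},
    fields=["id", "name", "used_count"], includes=["block_remediations"],
    limit=10)
```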