Dashboard
The dashboard endpoint returns a complete posture snapshot for the authenticated organization: findings, severity distribution, layer breakdown, and the top 10 EPSS-ranked CVEs to fix first.
Endpoint
GET /api/v1/dashboard
Requires authentication. Returns data scoped to the authenticated organization.
Example
curl -H "Authorization: Bearer bs_live_..." \
  "https://breachspider.com/api/v1/dashboard"
Response
{
  "api": { "version": "1.0.0", "request_id": "bs-req-...", "processing_ms": 84 },
  "data": {
    "posture": {
      "findings": 142,
      "kev": 3,
      "critical": 8,
      "exploited": 5,
      "poc": 12,
      "severity_distribution": {
        "critical": 8,
        "high": 41,
        "medium": 63,
        "low": 30
      }
    },
    "layers": {
      "ot": 89,
      "os": 31,
      "network": 18,
      "other": 4
    },
    "fix_first": [
      {
        "cve_id": "CVE-2025-32433",
        "title": "Erlang/OTP SSH Server Unauthenticated Remote Code Execution",
        "cvss_score": 10.0,
        "epss_score": 0.59973,
        "epss_percentile": 0.98298,
        "kev_flagged": true,
        "has_public_exploit": false,
        "poc_available": true
      }
    ],
    "environments": [
      {
        "id": 5,
        "name": "Water Treatment Plant Alpha",
        "asset_count": 84,
        "cve_count": 98,
        "critical_count": 6,
        "kev_count": 2,
        "risk_score": 74
      }
    ],
    "vendor_watch": [
      {
        "vendor": "Siemens",
        "cve_count": 31,
        "kev_count": 1,
        "critical_count": 4,
        "exploit_count": 2
      }
    ],
    "empty_state": {
      "has_environments": true,
      "has_assets": true
    }
  },
  "meta": {
    "cache_ttl_seconds": 300,
    "data_freshness": "live",
    "corpus_size": 353588
  }
}
fix_first Ranking
The fix_first list contains up to 10 CVEs ranked by exploitation urgency. Ranking order: EPSS score (primary), KEV flag, CVSS score. Only unacknowledged high-confidence asset matches are included.
risk_score
Each environment has a risk_score from 0 to 100, calculated as:
min(100, kev_count * 18 + critical_count * 9 + min(cve_count, 40))
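The following Python is an added example, not BreachSpider code: it applies the documented fix_first ordering and the risk_score formula to a constructed response, and exposes the uncapped sum so that environments which both report 100 can still be ordered against each other. The sample data, the function names, and the reading of the ranking as descending tie-breakers are assumptions.

```python
import json

# Constructed sample in the documented response shape; names, counts and
# CVE placeholders are invented for this example.
SAMPLE = json.loads("""
{"data": {
  "fix_first": [
    {"cve_id": "CVE-EXAMPLE-1", "cvss_score": 9.8, "epss_score": 0.12, "kev_flagged": false},
    {"cve_id": "CVE-EXAMPLE-2", "cvss_score": 7.5, "epss_score": 0.91, "kev_flagged": false},
    {"cve_id": "CVE-EXAMPLE-3", "cvss_score": 8.1, "epss_score": 0.12, "kev_flagged": true},
    {"cve_id": "CVE-EXAMPLE-4", "cvss_score": 9.0, "epss_score": 0.12, "kev_flagged": true}
  ],
  "environments": [
    {"name": "plant-a", "cve_count": 12, "critical_count": 1, "kev_count": 0},
    {"name": "plant-b", "cve_count": 55, "critical_count": 2, "kev_count": 1},
    {"name": "plant-c", "cve_count": 98, "critical_count": 6, "kev_count": 2},
    {"name": "plant-d", "cve_count": 40, "critical_count": 0, "kev_count": 6}
  ]}}
""")

def risk_breakdown(env):
    """Per-term contributions to risk_score under the documented formula."""
    terms = {
        "kev": env["kev_count"] * 18,
        "critical": env["critical_count"] * 9,
        "volume": min(env["cve_count"], 40),  # CVE volume adds at most 40
    }
    raw = sum(terms.values())
    # raw > 100 means the published score is saturated at the cap.
    return {"terms": terms, "raw": raw, "score": min(100, raw), "capped": raw > 100}

def rank_fix_first(items, limit=10):
    """EPSS first, then KEV-flagged, then CVSS (tie-break reading is assumed)."""
    def key(c):
        return (-c["epss_score"], not c["kev_flagged"], -c["cvss_score"])
    return sorted(items, key=key)[:limit]

def triage(response):
    """Fix order plus environments sorted by uncapped score, highest first."""
    data = response["data"]
    envs = sorted(data["environments"], key=lambda e: -risk_breakdown(e)["raw"])
    return {
        "fix_order": [c["cve_id"] for c in rank_fix_first(data["fix_first"])],
        "environments": [(e["name"], risk_breakdown(e)) for e in envs],
    }

if __name__ == "__main__":
    print(json.dumps(triage(SAMPLE), indent=2))
```

In the constructed data, plant-c and plant-d both score 100, but their uncapped sums (130 and 148) and per-term breakdowns show that plant-d is driven entirely by KEV matches.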