Simulate Actions

Simulate app actions to ensure that they work properly and return expected data.

Simulate actions for your rules

There are two ways to simulate an action, one is to use our CLI and ensure you set up your token. Other way is to test an action through a POST request to https://platform-api.securityscorecard.io/events/scorecard.changed.

Note: Make sure your test call includes your authentication token and a rule_id from your rule on which you are basing the test.

Simulate an action for a score change

Specify the corresponding change in the payload using the properties current.score and previous.score:

  • To test a score drop, set the value for current.score to be lower than the value for previous.score.
  • To test a score increase, set the value for current.score to be higher than the value for previous.score.

The following payload example shows a score drop:

{
    "platform_score_date": 111233123124,
    "current": {
        "score": 10,
        "factors": {
            "network_security": 80,
            "dns_health": 95,
            "endpoint_security": 88,
            "patching_cadence": 85
        }
    },
    "domain": "example.com",
    "previous": {
        "score": 50,
        "factors": {
            "network_security": 80,
            "dns_health": 95,
            "endpoint_security": 88,
            "patching_cadence": 85
        }
    },
    "trial": {
      "rule_id": "my_rule_id"
    }
}

The following cURL example shows a simulated action for a score change:

ssc simulate-event -f event.json
// event.json will be the same as the example above, except trial is not necessary using the CLI
curl --location --request POST 'https://platform-api.securityscorecard.io/events/scorecard.changed' \
--header 'Authorization: Token <your_token>' \
--header 'Content-Type: application/json' \
--data-raw '{
    "platform_score_date": 111233123124,
    "current": {
        "score": 10,
        "factors": {
            "network_security": 80,
            "dns_health": 95,
            "endpoint_security": 88,
            "patching_cadence": 85
        }
    },
    "domain": "example.com",
    "previous": {
        "score": 50,
        "factors": {
            "network_security": 80,
            "dns_health": 95,
            "endpoint_security": 88,
            "patching_cadence": 85
        }
    },
    "trial": {
      "rule_id": "<rule_id>"
    }
}'

Test an action for a new issues

Add an issue type to the payload, as in the following example:

{
    "platform_score_date": 12233234444,
    "current": {
        "score": 90,
        "factors": {
            "network_security": 80,
            "dns_health": 95,
            "endpoint_security": 88,
            "patching_cadence": 85
        }
    },
    "domain": "example.com",
    "previous": {
        "score": 90,
        "factors": {
            "network_security": 80,
            "dns_health": 95,
            "endpoint_security": 88,
            "patching_cadence": 85
        }
    },
    "issues": {
        "csp_no_policy_v2": {
            "active": {
                "count": 15
            },
            "departed": {
                "count": 3
            },
            "resolved": {
                "count": 2
            }
        },
        "domain_missing_https_v2": {
            "active": {
                "count": 5
            }
        }
    },
    "trial": { 
      "rule_id": "your_rule_id" 
    }
}

The following cURL example shows a simulated action for a new issue:

ssc simulate-event -f event.json
// event.json will be the same as above without trial key since the CLI will add it by its own
curl --location --request POST 'https://platform-api.securityscorecard.io/events/scorecard.changed' \
--header 'Authorization: Token <your_token>' \
--header 'Content-Type: application/json' \
--data-raw '{
    "platform_score_date": 12233234444,
    "current": {
        "score": 90,
        "factors": {
            "network_security": 80,
            "dns_health": 95,
            "endpoint_security": 88,
            "patching_cadence": 85
        }
    },
    "domain": "example.com",
    "previous": {
        "score": 90,
        "factors": {
            "network_security": 80,
            "dns_health": 95,
            "endpoint_security": 88,
            "patching_cadence": 85
        }
    },
    "issues": {
        "csp_no_policy_v2": {
            "active": {
                "count": 15
            },
            "departed": {
                "count": 3
            },
            "resolved": {
                "count": 2
            }
        },
        "domain_missing_https_v2: {
            "active": {
                "count": 5
            }
        }
    },
"trial": {"rule_id": "<rule_id>"}'

πŸ“˜

CLI

to install the CLI, just follow our quickstart

For more details on each type of event you can read on Receive event notifications with webhooks