API docs by Redocly

A13E Public API (1.0.0)

Download OpenAPI specification:

A13E Support: support@a13e.com URL: https://app.a13e.com/support License: Proprietary
A13E Documentation

A13E Detection Coverage Validator - Public API

Programmatic access to your cloud security detection coverage data.

Overview

The A13E Public API enables you to integrate detection coverage data into your security workflows, dashboards, and automation pipelines. Use it to:

  • Monitor coverage - Track your MITRE ATT&CK coverage across cloud accounts
  • Trigger scans - Initiate detection discovery scans programmatically
  • Query detections - List and inspect discovered security detections
  • Identify gaps - Find uncovered techniques prioritised by risk

Authentication

All requests require an API key passed in the X-API-Key header:

curl -H "X-API-Key: dcv_live_xxxxxxxxxx" \
  https://api.a13e.com/api/v1/public/accounts/{id}/coverage

Getting an API Key

  1. Sign in to the A13E Dashboard
  2. Navigate to SettingsAPI Keys
  3. Click Create API Key
  4. Copy the key immediately (it won't be shown again)

API keys begin with dcv_live_.

Rate Limiting

Requests are rate-limited based on your subscription tier:

Tier Rate Limit Price
Individual 1,000 requests/hour £29/mo
Pro 10,000 requests/hour £250/mo
Enterprise 100,000 requests/hour Custom

Note: API access requires a paid subscription. Free tier users will receive a 403 Forbidden response.

Rate limit headers are included in all responses:

Header Description
X-RateLimit-Limit Maximum requests per hour
X-RateLimit-Remaining Requests remaining in current window
X-RateLimit-Reset Unix timestamp when limit resets

When rate limited, you'll receive a 429 Too Many Requests response. Use exponential backoff when retrying.

Error Handling

The API uses standard HTTP status codes:

Code Meaning
200 Success
400 Bad request (invalid parameters)
401 Unauthorised (invalid or missing API key)
403 Forbidden (insufficient permissions)
404 Resource not found
409 Conflict (e.g., scan already running)
429 Rate limit exceeded
500 Internal server error

Error responses include a JSON body with details:

{
  "detail": "Cloud account not found"
}

Code Examples

Python

import requests

API_KEY = "dcv_live_xxxxxxxxxx"
BASE_URL = "https://api.a13e.com/api/v1/public"

headers = {"X-API-Key": API_KEY}

# Get coverage for an account
response = requests.get(
    f"{BASE_URL}/accounts/{account_id}/coverage",
    headers=headers
)
coverage = response.json()
print(f"Coverage: {coverage['coverage_percent']:.1f}%")

JavaScript

const API_KEY = 'dcv_live_xxxxxxxxxx';
const BASE_URL = 'https://api.a13e.com/api/v1/public';

const response = await fetch(
  `${BASE_URL}/accounts/${accountId}/coverage`,
  { headers: { 'X-API-Key': API_KEY } }
);
const coverage = await response.json();
console.log(`Coverage: ${coverage.coverage_percent.toFixed(1)}%`);

cURL

# Get coverage summary
curl -H "X-API-Key: dcv_live_xxx" \
  "https://api.a13e.com/api/v1/public/accounts/{account_id}/coverage"

# Trigger a scan
curl -X POST -H "X-API-Key: dcv_live_xxx" \
  -H "Content-Type: application/json" \
  -d '{"regions": ["eu-west-2"]}' \
  "https://api.a13e.com/api/v1/public/accounts/{account_id}/scans"

Coverage

Coverage metrics and gap analysis for cloud accounts. Get overall coverage percentages, per-technique breakdown, and prioritised gaps with remediation guidance.

Get Account Coverage

Get coverage summary for a cloud account.

Returns the latest coverage snapshot including total techniques, covered techniques, and coverage percentage.

Authorizations:
ApiKeyAuth
path Parameters
cloud_account_id
required
string <uuid> (Cloud Account Id)

Responses

Response samples

Content type
application/json
{
  • "cloud_account_id": "string",
  • "cloud_account_name": "string",
  • "total_techniques": 0,
  • "covered_techniques": 0,
  • "coverage_percent": 0,
  • "average_confidence": 0,
  • "last_scan_at": "string",
  • "created_at": "string"
}

Get Technique Coverage

Get per-technique coverage details.

Returns coverage status for each MITRE ATT&CK technique with filtering options by tactic or status.

Authorizations:
ApiKeyAuth
path Parameters
cloud_account_id
required
string <uuid> (Cloud Account Id)
query Parameters
Tactic (string) or Tactic (null) (Tactic)

Filter by tactic ID

Status (string) or Status (null) (Status)

Filter by status: covered, partial, uncovered

limit
integer (Limit) [ 1 .. 500 ]
Default: 100
offset
integer (Offset) >= 0
Default: 0

Responses

Response samples

Content type
application/json
{
  • "cloud_account_id": "string",
  • "techniques": [
    ],
  • "total": 0
}

Get Coverage Gaps

Get coverage gaps for a cloud account.

Returns uncovered techniques prioritised by importance.

Authorizations:
ApiKeyAuth
path Parameters
cloud_account_id
required
string <uuid> (Cloud Account Id)
query Parameters
Priority (string) or Priority (null) (Priority)

Filter by priority: critical, high, medium, low

limit
integer (Limit) [ 1 .. 200 ]
Default: 50
offset
integer (Offset) >= 0
Default: 0

Responses

Response samples

Content type
application/json
{
  • "cloud_account_id": "string",
  • "gaps": [
    ],
  • "total": 0
}

List Account Detections

List detections for a cloud account.

Returns paginated list of discovered security detections with optional filtering by type, status, or region.

Authorizations:
ApiKeyAuth
path Parameters
cloud_account_id
required
string <uuid> (Cloud Account Id)
query Parameters
Detection Type (string) or Detection Type (null) (Detection Type)

Filter by detection type

Status (string) or Status (null) (Status)

Filter by status

Region (string) or Region (null) (Region)

Filter by region

page
integer (Page) >= 1
Default: 1
page_size
integer (Page Size) [ 1 .. 200 ]
Default: 50

Responses

Response samples

Content type
application/json
{
  • "cloud_account_id": "string",
  • "detections": [
    ],
  • "total": 0,
  • "page": 0,
  • "page_size": 0
}

Get Detection

Get detection details.

Returns full details of a specific detection including mapped MITRE ATT&CK techniques.

Authorizations:
ApiKeyAuth
path Parameters
detection_id
required
string <uuid> (Detection Id)

Responses

Response samples

Content type
application/json
{
  • "id": "string",
  • "name": "string",
  • "detection_type": "string",
  • "status": "string",
  • "source_arn": "string",
  • "region": "string",
  • "description": "string",
  • "is_managed": true,
  • "mapping_count": 0,
  • "mapped_techniques": [
    ],
  • "discovered_at": "string",
  • "updated_at": "string"
}

Create Scan

Trigger a new scan for a cloud account.

Creates a new scan job that will discover security detections in the specified cloud account. Returns immediately with the scan ID - use GET /scans/{id} to check status.

Authorizations:
ApiKeyAuth
path Parameters
cloud_account_id
required
string <uuid> (Cloud Account Id)
Request Body schema: application/json
required
Array of Regions (strings) or Regions (null) (Regions)

Responses

Request samples

Content type
application/json
{
  • "regions": [
    ]
}

Response samples

Content type
application/json
{
  • "id": "string",
  • "status": "string",
  • "message": "string"
}

List Account Scans

List scans for a cloud account.

Returns most recent scans with optional status filtering.

Authorizations:
ApiKeyAuth
path Parameters
cloud_account_id
required
string <uuid> (Cloud Account Id)
query Parameters
Status (string) or Status (null) (Status)

Filter by status

limit
integer (Limit) [ 1 .. 100 ]
Default: 20

Responses

Response samples

Content type
application/json
{
  • "cloud_account_id": "string",
  • "scans": [
    ],
  • "total": 0
}

Get Scan

Get scan details and status.

Returns full details of a specific scan including progress and results.

Authorizations:
ApiKeyAuth
path Parameters
scan_id
required
string <uuid> (Scan Id)

Responses

Response samples

Content type
application/json
{
  • "id": "string",
  • "cloud_account_id": "string",
  • "status": "string",
  • "progress_percent": 0,
  • "current_step": "string",
  • "regions": [
    ],
  • "detections_found": 0,
  • "detections_new": 0,
  • "detections_updated": 0,
  • "detections_removed": 0,
  • "errors": [
    ],
  • "started_at": "string",
  • "completed_at": "string",
  • "created_at": "string"
}

Get Scan Results

Get scan results summary.

Returns a summary of detection changes from this scan.

Authorizations:
ApiKeyAuth
path Parameters
scan_id
required
string <uuid> (Scan Id)

Responses

Response samples

Content type
application/json
{ }

Detections

Discovered security detections in your cloud accounts. List detections by account with filtering, and get detailed information including MITRE ATT&CK technique mappings.

List Account Detections

List detections for a cloud account.

Returns paginated list of discovered security detections with optional filtering by type, status, or region.

Authorizations:
ApiKeyAuth
path Parameters
cloud_account_id
required
string <uuid> (Cloud Account Id)
query Parameters
Detection Type (string) or Detection Type (null) (Detection Type)

Filter by detection type

Status (string) or Status (null) (Status)

Filter by status

Region (string) or Region (null) (Region)

Filter by region

page
integer (Page) >= 1
Default: 1
page_size
integer (Page Size) [ 1 .. 200 ]
Default: 50

Responses

Response samples

Content type
application/json
{
  • "cloud_account_id": "string",
  • "detections": [
    ],
  • "total": 0,
  • "page": 0,
  • "page_size": 0
}

Get Detection

Get detection details.

Returns full details of a specific detection including mapped MITRE ATT&CK techniques.

Authorizations:
ApiKeyAuth
path Parameters
detection_id
required
string <uuid> (Detection Id)

Responses

Response samples

Content type
application/json
{
  • "id": "string",
  • "name": "string",
  • "detection_type": "string",
  • "status": "string",
  • "source_arn": "string",
  • "region": "string",
  • "description": "string",
  • "is_managed": true,
  • "mapping_count": 0,
  • "mapped_techniques": [
    ],
  • "discovered_at": "string",
  • "updated_at": "string"
}

Scans

Detection discovery scans. Trigger new scans to discover security detections, monitor scan progress, and retrieve scan results.

Create Scan

Trigger a new scan for a cloud account.

Creates a new scan job that will discover security detections in the specified cloud account. Returns immediately with the scan ID - use GET /scans/{id} to check status.

Authorizations:
ApiKeyAuth
path Parameters
cloud_account_id
required
string <uuid> (Cloud Account Id)
Request Body schema: application/json
required
Array of Regions (strings) or Regions (null) (Regions)

Responses

Request samples

Content type
application/json
{
  • "regions": [
    ]
}

Response samples

Content type
application/json
{
  • "id": "string",
  • "status": "string",
  • "message": "string"
}

List Account Scans

List scans for a cloud account.

Returns most recent scans with optional status filtering.

Authorizations:
ApiKeyAuth
path Parameters
cloud_account_id
required
string <uuid> (Cloud Account Id)
query Parameters
Status (string) or Status (null) (Status)

Filter by status

limit
integer (Limit) [ 1 .. 100 ]
Default: 20

Responses

Response samples

Content type
application/json
{
  • "cloud_account_id": "string",
  • "scans": [
    ],
  • "total": 0
}

Get Scan

Get scan details and status.

Returns full details of a specific scan including progress and results.

Authorizations:
ApiKeyAuth
path Parameters
scan_id
required
string <uuid> (Scan Id)

Responses

Response samples

Content type
application/json
{
  • "id": "string",
  • "cloud_account_id": "string",
  • "status": "string",
  • "progress_percent": 0,
  • "current_step": "string",
  • "regions": [
    ],
  • "detections_found": 0,
  • "detections_new": 0,
  • "detections_updated": 0,
  • "detections_removed": 0,
  • "errors": [
    ],
  • "started_at": "string",
  • "completed_at": "string",
  • "created_at": "string"
}

Get Scan Results

Get scan results summary.

Returns a summary of detection changes from this scan.

Authorizations:
ApiKeyAuth
path Parameters
scan_id
required
string <uuid> (Scan Id)

Responses

Response samples

Content type
application/json
{ }