The eMASS client repository maintains the Enterprise Mission Assurance Support Service (eMASS) Representational State Transfer (REST) Application Programming Interface (API) specification and executables.
When adding a POAM with status value of "Ongoing" it looks like the following fields are required:
"vulnerabilitySeverityValue: The Severity is required.",
"relevanceOfThreat: The Relevance of Threat is required.",
"likelihood: The Likelihood is required.",
"impact: The Impact is required.",
"residualRiskLevel: The Residual Risk Level is required."
These fields are now defined in the business logic of the eMASS API 3.9 as:
*Note: Certain eMASS instances also require the Risk Analysis fields to be populated:
• Severity
• Relevance of Threat
• Likelihood
• Impact
• Residual Risk Level
• Mitigations
The field- "mitigation" is defined in the API ver 3.9 as optional, however when adding a new POAM, the server response states that it is a required field.
When adding a POAM with status value of "Ongoing" it looks like the following fields are required:
The field- "mitigation" is defined in the API ver 3.9 as optional, however when adding a new POAM, the server response states that it is a required field.