Posture trends: new-vs-resolved, MTTR by severity, %-within-SLA
GET/api/v1/findings/stats/posture-trends
Board-deck posture trends over the finding lifecycle.
new_vs_resolved: per-period inflow (genesis) vs. outflow (first fixed).mttr: mean time-to-remediate per severity over the window.percent_within_sla: share of remediated findings with a configured SLA that closed inside SLA.
All folded from status_history against Organization.sla_policy.
- Scope required:
findings:read. - Response supports ETag revalidation (304 Not Modified).
Request
Responses
- 200
- 400
- 401
- 403
- 404
- 409
- 422
- 429
- 500
Successful Response
Bad request — malformed input or failed validation.
Missing, expired, or invalid credentials.
Authenticated but not authorized for this resource. Note: cross-organization reads return 404, not 403.
Resource not found, or hidden for tenant-enumeration safety (the caller lacks permission to know whether the resource exists).
Conflict — the current resource state does not allow this operation (e.g. assessment already started, email already in use).
Semantic validation failure — request shape was valid but contents were not.
Too many requests — rate limited. Retry after the window resets.
Internal server error — unexpected failure.