• Feature Description
The CERT team wants to get the list of Security Postures / Vulnerabilities via API and ingest it by their SIEM to correlate info.
Currently, it can be done via GUI, not API.

• Problem Statement
XC API Doc doesn't describe the API Endpoint /api/ml/data/namespaces/<namespace>/virtual_hosts/<weird-lb-name>/vulnerabilities and the relative POST payload.
The LB name is an internal value, the documentation should describe how to set it.
Currently the list of Vulnerabilities is per API endpoint, so it requires to parse all API endpoints to get its relative Vulnerabilities. It's too compute intensive. An API endpoint per LB (virtual-host) should return all Vulnerabilities.

• Business Impact
CERT team don't use XC UI to monitor threats. Collecting API Discovery is mandatory and must be simple ("get all vuln per LB" in one API call). It's a blocker for our customer to subscribe to XC API Discovery.

• Security Considerations
none

• Competitive Landscape
I don't know

• Existing Workarounds
The workaround to parse all API endpoints is too compute intensive, the customer doesn't want that.

• Risks of Not Implementing
Loss of API Discovery revenue