Vectors

Methods described in this section relate to the vectors API. These methods can be accessed at TenableOne.attack_path.

class VectorsAPI(api: APISession)

list(page_number: int | None = None, limit: int = 10, filter: dict | None = None, sort_field: str | None = None, sort_order: str | None = None, run_ai_summarization: bool | None = None, return_iterator=True) → VectorIterator | VectorsPageSchema

Retrieve vectors

Parameters:

• page_number (optional, int) – For offset-based pagination, the requested page to retrieve. If this parameter is omitted, Tenable uses the default value of 1.

• limit (optional, int) – The number of records to retrieve. If this parameter is omitted, Tenable uses the default value of 25. The maximum number of events that can be retrieved is 25. For example: limit=25.

• filter (optional, dict) –

  A document as defined by Tenable APA online documentation. Filters to allow the user to get to a specific subset of Findings. For a more detailed listing of what filters are available, please refer to the API documentation linked above, however some examples are:

  • {"operator":"==", "key":"name", "value":"nice name"}

  • {"operator":">", "key":"critical_asset", "value": 10}

• sort_field (optional, str) – The field you want to use to sort the results by. Accepted values are name, priority

• run_ai_summarization (optional, bool) – Indicates whether or not to run the AI summarization for missing paths. Note that enabling the AI summarization results in slower response times. Tenable uses the default value of false.

• return_iterator (optional, bool) – Should we return the response instead of iterable?

Returns:

List of vectors records

Return type:

VectorsIterator

Examples

List all of the available vectors:

>>> vectors = tapa.vectors.list()
>>> for f in vectors:
...     pprint(f)

Filtering for a specific subset of vectors:

>>> tapa.vectors.list(
...     limit='10',
...     sort_field='name',
...     sort_order='desc',
...     filter={"operator":"==", "key":"name", "value":"nice name"},
...     return_iterator=False
...     )

top_attack_paths_search(limit: int = 1000, sort: str | None = None, run_ai_summarization: str | None = None, filter: PublicVectorFilterType | None = None, exclude_resolved: bool = True) → DiscoverPageTableResponse

Search top attack paths leading to critical assets.

This endpoint provides comprehensive search capabilities for attack paths with advanced filtering, sorting, and pagination options. The response includes detailed information about each attack path, including techniques, nodes, and metadata.

Note: Attack Paths now inherit their status from the underlying techniques. Paths marked as “Chain Prevented” (partially fixed), “Accepted” or “Done” are excluded by default to prioritize active threats. Set exclude_resolved=False to include all paths.

Parameters:

• limit (optional, int) – Number of items per page (default: 1000, min: 100, max: 10000)

• sort (optional, str) – Sort parameter in format “{sort_field}:{sort_order}” (e.g., “name:asc”, “priority:desc”, “path_status:asc”)

• run_ai_summarization (optional, str) – Whether to run AI summarization (default: “false”). Enabling AI summarization provides additional insights but results in slower response times. Valid values: “true”, “false”

• filter (optional, PublicVectorFilterType) – Filter criteria for the search. The filter is passed as a JSON object in the request body. Supports complex filtering with AND/OR operators.

• exclude_resolved (bool, optional) – When True (default), excludes paths with path_status ‘done’, ‘chain_prevented’, or ‘accepted’. Set to False to include all paths.

Returns:

Response containing attack paths data with pagination information

Return type:

DiscoverPageTableResponse

Examples

Search for high priority attack paths leading to critical assets

>>> filter_data = {
...     "operator": "AND",
...     "value": [
...         {"property": "priority", "operator": "gte", "value": 8},
...         {"property": "critical_asset", "operator": "eq", "value": True}
...     ]
... }
>>> response = t1.attack_path.vectors.top_attack_paths_search(
...     limit=500,
...     sort="priority:desc",
...     filter=filter_data
... )
>>> for attack_path in response.data:
...     print(f"Attack Path: {attack_path.name}, Priority: {attack_path.priority}")

Filter by path_status to get only actionable paths

>>> filter_data = {
...     "property": "path_status",
...     "operator": "in",
...     "value": ["to_do", "in_progress", "in_review"]
... }
>>> response = t1.attack_path.vectors.top_attack_paths_search(
...     filter=filter_data
... )

Include resolved paths

>>> response = t1.attack_path.vectors.top_attack_paths_search(
...     exclude_resolved=False
... )

Simple search with default parameters

>>> response = t1.attack_path.vectors.top_attack_paths_search()
>>> print(f"Found {response.total} attack paths")