Sep 16 2024 04:41 AM
Hi,
I'm querying the Vulnerability endpoint of the MDE API family.
I'm making asynchronous request at a high rate, up to 20 API calls per second. Naturally, I'm hitting the API Rate Limit by receiving a 429 status code. However, I can't seem to be able to confirm exactly what the API Rate Limit is for this endpoint.
The only page that mentions Rate Limiting is the one here and it pertains to Incident API or Advanced Hunting API, but not to the Entity API Vulnerability.
Can someone please tell me what the API Rate Limit is for Entities under which Vulnerability falls?
Thank you.
Sep 16 2024 10:04 AM
Sep 17 2024 12:55 AM
@jbmartin6 Thank you for the answer.
It's gonna sound silly but I did not check the response body. I saw in the doc that it contains the remaining time before the next API call can be made, but since I have to issue hundreds of thousands of request on certain days, I found it pointless to even bother checking. That's not information I can leverage at this time. I could hypothetically parse that body and infer the API Rate Limiting, but that's just silly. First because that's information that should be available in the docs, and second because I know for fact that regardless of what the current API Rate Limiting is set on, I will not be able to run 150K CVEs through that Vulnerability endpoint within a reasonable amount of time. Ultimately, I need to know the exposure for every single CVE. I know there are other ways to pull that off (cf. software vulnerabilities endpoint for full inventory + delta), but I'd like to have a definitive and documented answer to my question.
I appreciate the help though.