If somebody can please help with MVM or ePO APIs relevant for ticketing. I have defined MVM ticket generation criteria to be sev 3,4,5 on critical assets. Objective is to call these APIs from a External Ticketing tool (lets call it ETT) so that each ticket contains the vulnerability details (e.g. unqiue identifier), asset criticality, IP, all the associated tags with this asset (like zone, application name etc.) and the remediation owner (based on platform). The external ticketing tool will create tickets on the basis of all these info coming in from the ticket itself and send it the remediation owners. When the remediation owners close the ticket in ETT, the ETT fires API calls to mark the vulnerabilitiies (based on the unqiue identifier) as closed. To be more clear:
1. What APIs exist to collect only generated tickets (i.e. tickets meeting sev 3,4,5 on critical assets)
2. What APIs exist to mark unique vulnerabilities as closed. MVM should actually close the ticket in its own ticketing system when it confirms in the next scan, else it should Reopen the ticket.
Some addiitonal information known/required:
1. SMTP based one way integration exists between Remedy and MVM.
2. There are some ways to have a bidirectional integration between Remedy and MVM using SNMP. But no concrete documentation exists from any side.
3. The third way to integrate these two tools (MVM and Remedy) is using Web Services API. This is the one part i am trying to use in my question above.
4. The fourth way as I understand is using ePO. ePO will pull tickets ( somebody correct me if i am wrong) and ePO has known integration with Remedy using APIs. If somebody can help with the relvant APIs for ePO, would highly appreciate that.