SpyCloudEnterpriseProtectionEnrichment
Integrate the SpyCloud Enterprise Protection API to use enrichment commands (along with sample Enrichment Playbooks) to look up your watchlists, domains, emails, IP addresses, usernames, and passwords. Data for malware-infected devices and exposed corporate applications are available for SpyCloud Compass users.
Data Enrichment & Threat Intelligence · SpyCloud Enterprise Protection
Configuration parameters
url— API URL (required)apikey— API Key (required)insecure— Trust any certificate (not secure)proxy— Use system proxy settings
Commands (12)
-
spycloud-breach-catalog-getGet Breach Catalog Information by ID.
-
spycloud-breach-catalog-listList the Breach Catalog. By default, this lists all breaches in SpyCloud. With the arguments, it's possible to scope the results.
-
spycloud-compass-application-data-getGet Compass application data for a specific application.
-
spycloud-compass-data-listList Compass data. By default, this lists all Compass data. With the arguments, it's possible to scope the results.
-
spycloud-compass-device-data-getGet Compass device data by infected_machine_id.
-
spycloud-compass-device-listList Compass device data. By default, this lists all devices. With the arguments, it's possible to scope the results.
-
spycloud-domain-data-getGet Breach Data by Domain.
-
spycloud-email-data-getGet Breach Data by Email.
-
spycloud-ip-address-data-getGet Breach Data by IP Address.
-
spycloud-password-data-getGet Breach Data by Password.
-
spycloud-username-data-getGet Breach Data by Username.
-
spycloud-watchlist-data-listList Breach Data. By default, this lists all breach data for the customer's configured watchlist. With the arguments, it's possible to scope the results.