SpyCloudEnterpriseProtectionEnrichment

Integrate the SpyCloud Enterprise Protection API to use enrichment commands (along with sample Enrichment Playbooks) to look up your watchlists, domains, emails, IP addresses, usernames, and passwords. Data for malware-infected devices and exposed corporate applications are available for SpyCloud Compass users.

Data Enrichment & Threat Intelligence · SpyCloud Enterprise Protection

Configuration parameters

  • url — API URL (required)
  • apikey — API Key (required)
  • insecure — Trust any certificate (not secure)
  • proxy — Use system proxy settings

Commands (12)

  • spycloud-breach-catalog-get

    Get Breach Catalog Information by ID.

  • spycloud-breach-catalog-list

    List the Breach Catalog. By default, this lists all breaches in SpyCloud. With the arguments, it's possible to scope the results.

  • spycloud-compass-application-data-get

    Get Compass application data for a specific application.

  • spycloud-compass-data-list

    List Compass data. By default, this lists all Compass data. With the arguments, it's possible to scope the results.

  • spycloud-compass-device-data-get

    Get Compass device data by infected_machine_id.

  • spycloud-compass-device-list

    List Compass device data. By default, this lists all devices. With the arguments, it's possible to scope the results.

  • spycloud-domain-data-get

    Get Breach Data by Domain.

  • spycloud-email-data-get

    Get Breach Data by Email.

  • spycloud-ip-address-data-get

    Get Breach Data by IP Address.

  • spycloud-password-data-get

    Get Breach Data by Password.

  • spycloud-username-data-get

    Get Breach Data by Username.

  • spycloud-watchlist-data-list

    List Breach Data. By default, this lists all breach data for the customer's configured watchlist. With the arguments, it's possible to scope the results.