Blog

Documentation

Shield API

Shield Platform

Support

Gets a paginated list of attack surface vulnerabilities.

x subscription id & x api key

Welcome to Shield Cyber's official documentation site for the Shield Continuous Threat and Exposure Management platform.

We are continuing to update the Shield Platform and will be posting about recent changes that have been made and will link to the appropriate documentation

What's New?

The Subscriptions module allows users with multiple subscriptions to see high-level information across all of the subscriptions they are managing.

Subscriptions

The Attack Surface module allows in depth understanding of an organization's internet-facing (external) assets and the risks that may reside on those assets.  All public IP addresses and domains can be scanned from the [Scan Control](https://docs.shieldcyber.io/docs/usage/scan-control.html) module within the Shield platform, and the results will reside within the Attack Surface module.

Attack Surface Management

The Internal Network module will display the hosts that may reside within an organization's network segments across their environments (or behind the organization's firewall) and all of the risks associated will be surfaced.  The asset and host information can be obtained in two separate deployments, [network-based](https://docs.shieldcyber.io/docs/deployment/network-scans.html) scanning and [agent-based](https://docs.shieldcyber.io/docs/deployment/agent-based-scans.html) scanning.

Internal Network

The identity security module will display all collected users, groups, and computer objects within a directory services environment.  The attributes for each object (users, groups, and computers) will be analyzed and the risks on the objects will then be called out as individual issues or vulnerabilities at the identity layer.

Identity Security

The Scans module allows users to create and control all network-based scanning for the target external attack surface assets and internal network assets.

Scans

The Reports module and functionality is a newly released feature which will allow users to export subscription specific information at different levels of analysis.

Reports

Attack Surface Scanning

The ability to configure and perform vulnerability scans against a single network or multiple network segments (or **locations**) can be accomplished by downloading and installing the Shield network vulnerability scanner within the target network location.  These scans will attempt to identify vulnerabilities against the targeted IP addresses, CIDR ranges, and/or domains.

Internal Network Scanning

To perform individual scans on a host-by-host basis, Shield allows users to download and install agents across assets to assess the risks and vulnerabilities on each of those assets.  In order to install the agent on each machine, Shield provides a simple PowerShell script execute on each host (or across multiple hosts with a remote monitoring and management tool).

Agent-Based Scanning

The ability to collect the AD information for a specific AD environment requires the Shield installation of a **Shield Service** to collect the users, groups, and computers objects and associated attributes.  Shield has a standalone PowerShell script within the [**Deployment**](https://platform.shieldcyber.io/deployment/identity-security) (Identity-Security) page that users can access.

Active Directory Collection

Programmatically pull data and create integrations within your security operations technology stack.

API Documentation

AttackSurface

IdentitySecurity

InternalNetwork

Reporting

Gets a paginated list of attack surface vulnerabilities.

Authorizations

Query Parameters

Response