Adaptive Shield website screenshot

Adaptive Shield

Adaptive Shield (now CrowdStrike Falcon Shield) is a SaaS Security Posture Management (SSPM) platform that continuously monitors, remediates, and governs SaaS application security configurations and identity risks. Acquired by CrowdStrike, the platform covers 200+ SaaS integrations with over 3,500 built-in security checks, helping organizations detect misconfigurations, manage human and non-human identities, discover shadow applications, and maintain compliance across their entire SaaS stack. The REST API (v1) enables programmatic access to alerts, user inventory, device inventory, integrations, security checks, and compliance data.

1 APIs 7 Features
SaaS SecuritySSPMSecurity Posture ManagementCybersecurityCloud SecurityIdentity ManagementCompliance

APIs

Adaptive Shield REST API

The Adaptive Shield REST API v1 provides programmatic access to SaaS security posture data including alerts, user and device inventory, integration configurations, security chec...

Pricing Plans

Rate Limits

Adaptive Shield Rate Limits

5 limits

RATE LIMITS

FinOps

Features

SaaS Misconfiguration Detection

Continuously monitors 200+ SaaS applications with 3,500+ built-in security checks to detect and remediate misconfigurations that expose organizations to security risks.

Identity And Access Governance

Manages both human and non-human identities (NHI) across SaaS platforms, detecting over-privileged accounts and suspicious access patterns.

Shadow App Discovery

Discovers unsanctioned and shadow SaaS applications connected to the organization's environment, providing visibility into unauthorized integrations.

AI Agent Visibility And Control

Provides visibility into and governance over AI agents operating within enterprise SaaS platforms including Microsoft 365, Salesforce, and OpenAI.

Compliance Monitoring

Tracks compliance posture across SaaS applications against frameworks such as SOC 2, ISO 27001, GDPR, and HIPAA using automated security check mappings.

REST API Access

Public REST API v1 with API key authentication enables programmatic access to alerts, user/device inventory, integration data, security check results, violations, and compliance controls. US and EU regional endpoints available.

SIEM And Platform Integrations

Integrates with SIEM platforms (Splunk, Datadog), security platforms (CrowdStrike Falcon), and vulnerability management platforms via API and native connectors.

Use Cases

SaaS Security Posture Management

Security teams can continuously monitor and remediate misconfigurations across the organization's entire SaaS stack from a single dashboard.

Identity Risk Detection

Detect and remediate over-privileged users, dormant accounts, and suspicious login behavior across all connected SaaS applications.

Compliance Audit Automation

Automate compliance evidence collection and posture monitoring for SOC 2, ISO 27001, GDPR, and other frameworks across SaaS applications.

Third-Party App Risk Management

Identify and assess risk from third-party OAuth apps and browser extensions connected to critical SaaS platforms.

Security Operations Integration

Pull SaaS security alerts and posture data into SIEM and SOAR platforms via the REST API for unified security operations workflows.

Integrations

Microsoft 365

SaaS security monitoring for Microsoft 365 suite including Exchange, Teams, SharePoint, and OneDrive.

Salesforce

Security posture monitoring and misconfiguration detection for Salesforce CRM.

Slack

Configuration monitoring and security checks for Slack workspace settings.

Zoom

Security configuration monitoring for Zoom video conferencing accounts.

Okta

Identity provider integration for user access and authentication configuration monitoring.

Datadog

Sends SaaS posture alerts as Datadog Events via OAuth integration.

Splunk

Splunk add-on for ingesting Adaptive Shield security events and alerts.

CrowdStrike Falcon

Native integration with CrowdStrike Falcon platform following acquisition.

Resources

👥
GitHubOrganization
GitHubOrganization
🔗
LinkedIn
LinkedIn
🔗
Website
Website
🌐
Portal
Portal
📰
Blog
Blog
🔗
Resources
Resources
💬
Support
Support

Sources

apis.yml Raw ↑
aid: adaptive-shield
name: Adaptive Shield
description: Adaptive Shield (now CrowdStrike Falcon Shield) is a SaaS Security Posture Management (SSPM) platform that continuously
  monitors, remediates, and governs SaaS application security configurations and identity risks. Acquired by CrowdStrike,
  the platform covers 200+ SaaS integrations with over 3,500 built-in security checks, helping organizations detect misconfigurations,
  manage human and non-human identities, discover shadow applications, and maintain compliance across their entire SaaS stack.
  The REST API (v1) enables programmatic access to alerts, user inventory, device inventory, integrations, security checks,
  and compliance data.
url: https://raw.githubusercontent.com/api-evangelist/adaptive-shield/refs/heads/main/apis.yml
created: '2026-03-27'
modified: '2026-04-19'
specificationVersion: '0.19'
tags:
- SaaS Security
- SSPM
- Security Posture Management
- Cybersecurity
- Cloud Security
- Identity Management
- Compliance
apis:
- aid: adaptive-shield:adaptive-shield-api
  name: Adaptive Shield REST API
  description: The Adaptive Shield REST API v1 provides programmatic access to SaaS security posture data including alerts,
    user and device inventory, integration configurations, security check results, violations, and compliance controls. Authentication
    uses a per-user API key (access token). Regional endpoints are available for US (api.adaptive-shield.com) and EU (eu.api.adaptive-shield.com)
    regions.
  humanURL: https://www.crowdstrike.com/platform/falcon-shield/
  tags:
  - SaaS Security
  - SSPM
  - REST API
  - Alerts
  - Compliance
  properties:
  - type: Documentation
    url: https://www.crowdstrike.com/platform/falcon-shield/
  - type: Authentication
    url: https://www.adaptive-shield.com/support
common:
- type: GitHubOrganization
  url: https://github.com/adaptiveshield
- type: LinkedIn
  url: https://www.linkedin.com/company/adaptiveshield
- type: Website
  url: https://www.crowdstrike.com/platform/falcon-shield/
- type: Portal
  url: https://www.crowdstrike.com/platform/falcon-shield/
- type: Blog
  url: https://www.adaptive-shield.com/blog/
- type: Resources
  url: https://www.adaptive-shield.com/resources
- type: Integrations
  url: https://www.adaptive-shield.com/integrations
- type: Support
  url: https://www.adaptive-shield.com/support
- type: Features
  data:
  - name: SaaS Misconfiguration Detection
    description: Continuously monitors 200+ SaaS applications with 3,500+ built-in security checks to detect and remediate
      misconfigurations that expose organizations to security risks.
  - name: Identity And Access Governance
    description: Manages both human and non-human identities (NHI) across SaaS platforms, detecting over-privileged accounts
      and suspicious access patterns.
  - name: Shadow App Discovery
    description: Discovers unsanctioned and shadow SaaS applications connected to the organization's environment, providing
      visibility into unauthorized integrations.
  - name: AI Agent Visibility And Control
    description: Provides visibility into and governance over AI agents operating within enterprise SaaS platforms including
      Microsoft 365, Salesforce, and OpenAI.
  - name: Compliance Monitoring
    description: Tracks compliance posture across SaaS applications against frameworks such as SOC 2, ISO 27001, GDPR, and
      HIPAA using automated security check mappings.
  - name: REST API Access
    description: Public REST API v1 with API key authentication enables programmatic access to alerts, user/device inventory,
      integration data, security check results, violations, and compliance controls. US and EU regional endpoints available.
  - name: SIEM And Platform Integrations
    description: Integrates with SIEM platforms (Splunk, Datadog), security platforms (CrowdStrike Falcon), and vulnerability
      management platforms via API and native connectors.
- type: UseCases
  data:
  - name: SaaS Security Posture Management
    description: Security teams can continuously monitor and remediate misconfigurations across the organization's entire
      SaaS stack from a single dashboard.
  - name: Identity Risk Detection
    description: Detect and remediate over-privileged users, dormant accounts, and suspicious login behavior across all connected
      SaaS applications.
  - name: Compliance Audit Automation
    description: Automate compliance evidence collection and posture monitoring for SOC 2, ISO 27001, GDPR, and other frameworks
      across SaaS applications.
  - name: Third-Party App Risk Management
    description: Identify and assess risk from third-party OAuth apps and browser extensions connected to critical SaaS platforms.
  - name: Security Operations Integration
    description: Pull SaaS security alerts and posture data into SIEM and SOAR platforms via the REST API for unified security
      operations workflows.
- type: Integrations
  data:
  - name: Microsoft 365
    description: SaaS security monitoring for Microsoft 365 suite including Exchange, Teams, SharePoint, and OneDrive.
  - name: Salesforce
    description: Security posture monitoring and misconfiguration detection for Salesforce CRM.
  - name: Slack
    description: Configuration monitoring and security checks for Slack workspace settings.
  - name: Zoom
    description: Security configuration monitoring for Zoom video conferencing accounts.
  - name: Okta
    description: Identity provider integration for user access and authentication configuration monitoring.
  - name: Datadog
    description: Sends SaaS posture alerts as Datadog Events via OAuth integration.
  - name: Splunk
    description: Splunk add-on for ingesting Adaptive Shield security events and alerts.
  - name: CrowdStrike Falcon
    description: Native integration with CrowdStrike Falcon platform following acquisition.
maintainers:
- FN: Kin Lane
  X-twitter: apievangelist
  email: info@apievangelist.com