Adaptive Shield
Adaptive Shield (now CrowdStrike Falcon Shield) is a SaaS Security Posture Management (SSPM) platform that continuously monitors, remediates, and governs SaaS application security configurations and identity risks. Acquired by CrowdStrike, the platform covers 200+ SaaS integrations with over 3,500 built-in security checks, helping organizations detect misconfigurations, manage human and non-human identities, discover shadow applications, and maintain compliance across their entire SaaS stack. The REST API (v1) enables programmatic access to alerts, user inventory, device inventory, integrations, security checks, and compliance data.
APIs
Adaptive Shield REST API
The Adaptive Shield REST API v1 provides programmatic access to SaaS security posture data including alerts, user and device inventory, integration configurations, security chec...
Features
Continuously monitors 200+ SaaS applications with 3,500+ built-in security checks to detect and remediate misconfigurations that expose organizations to security risks.
Manages both human and non-human identities (NHI) across SaaS platforms, detecting over-privileged accounts and suspicious access patterns.
Discovers unsanctioned and shadow SaaS applications connected to the organization's environment, providing visibility into unauthorized integrations.
Provides visibility into and governance over AI agents operating within enterprise SaaS platforms including Microsoft 365, Salesforce, and OpenAI.
Tracks compliance posture across SaaS applications against frameworks such as SOC 2, ISO 27001, GDPR, and HIPAA using automated security check mappings.
Public REST API v1 with API key authentication enables programmatic access to alerts, user/device inventory, integration data, security check results, violations, and compliance controls. US and EU regional endpoints available.
Integrates with SIEM platforms (Splunk, Datadog), security platforms (CrowdStrike Falcon), and vulnerability management platforms via API and native connectors.
Use Cases
Security teams can continuously monitor and remediate misconfigurations across the organization's entire SaaS stack from a single dashboard.
Detect and remediate over-privileged users, dormant accounts, and suspicious login behavior across all connected SaaS applications.
Automate compliance evidence collection and posture monitoring for SOC 2, ISO 27001, GDPR, and other frameworks across SaaS applications.
Identify and assess risk from third-party OAuth apps and browser extensions connected to critical SaaS platforms.
Pull SaaS security alerts and posture data into SIEM and SOAR platforms via the REST API for unified security operations workflows.
Integrations
SaaS security monitoring for Microsoft 365 suite including Exchange, Teams, SharePoint, and OneDrive.
Security posture monitoring and misconfiguration detection for Salesforce CRM.
Configuration monitoring and security checks for Slack workspace settings.
Security configuration monitoring for Zoom video conferencing accounts.
Identity provider integration for user access and authentication configuration monitoring.
Sends SaaS posture alerts as Datadog Events via OAuth integration.
Splunk add-on for ingesting Adaptive Shield security events and alerts.
Native integration with CrowdStrike Falcon platform following acquisition.