.png?sv=2019-07-07&sig=KF%2Fl0ZULNI43l9xIRXHj0ogckkT%2BqFtgSMwq20GQRjA%3D&spr=https%2Chttp&st=2023-12-11T14%3A42%3A23Z&se=2023-12-11T14%3A52%3A23Z&srt=o&ss=b&sp=r){kind=logo}
Have I Been Pwned - Enrich Users' Data
- 16 Mar 2023
- 2 Minutes to read
- Print
- DarkLight
- PDF
Have I Been Pwned - Enrich Users' Data
- Updated on 16 Mar 2023
- 2 Minutes to read
- Print
- DarkLight
- PDF
Article Summary
Share feedback
Thanks for sharing your feedback!
Have I Been Pwned - Enrich Users' Data enriches each of the users who are the result of the query that was run with breaches, pastes and pwned passwords identified by 'Have I Been Pwned' (HIBP) website.
NOTE
For details on the breaches, pastes and pwned password identified by 'Have I Been Pwned' (HIBP) API, see HIBP API.
See Creating Enforcement Sets to learn more about adding Enforcement Actions to Enforcement Sets.
General Settings
- Enforcement Set name (required) - The name of the Enforcement Set. A default value is added by Axonius. You can change the name according to your needs.
- Add description - Click to add a description of the Enforcement Set. It is recommended to describe what the Enforcement Set does.
- Run action on assets matching following query (required) - Select an asset category and a query. The Enforcement Action will be run on the assets that match the query parameters.
- A query only returns results for the asset type it was created for.
- Not all asset categories are supported for all Enforcement Actions.
- See Actions supported for Activity Logs, Adapter Fetch History and Asset Investigation Modules
- See Actions supported for Vulnerabilities.
- See Actions supported for Software.
- Action name (required) - The name of the Main action. A default value is added by Axonius. You can change the name according to your needs.
- Configure Dynamic Values - Toggle on to enter a Dynamic Value statement. See Creating Enforcement Action Dynamic Value Statements to learn more about Dynamic Value statement syntax.
Required Fields
These fields must be configured to run the Enforcement Set.
- API key (required) - The API Key that have been purchased from 'Have I Been Pwned'.
- Instance Name - The Axonius node to use when connecting to the specified host. For more details, see Connecting Additional Axonius Nodes.
Additional Fields
These fields are optional.
Have I Been Pwned (HIBP) domain (default: https://haveibeenpwned.com) - The hostname or IP address of the Have I Been Pwned (HIBP) server.
Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.
HTTPS proxy - Connect the adapter to a proxy instead of directly connecting it to the domain.
Alternative email suffix (default: empty) - Specify a comma-separated list of additional email suffixes, that will be also be checked for breaches, pastes and pwned password identified by 'Have I Been Pwned' (HIBP). This field may be useful if users emails in the organization have several email suffixes.
Domain include list (default: empty) - Specify a comma-separated list of email domains.
- If supplied, Axonius will request Have I Been Pwned to check only users from the given query their email is in the specified list.
- If not supplied, Axonius will request Have I Been Pwned to check all users from the given query.
- Rate Limit (requests per minute) (default: 10) - Use this field to handle rate limit issues by HIBP documentation. It is possible to buy an account with a better rate limit.
Extra fields for enrichment - Add email fields to be evaluated by Have I Been Pwned. Select an adapter and a field. Click Add Fields to add more fields. Click the x to the right of a field to delete it.
For more details about other Enforcement Actions available, see Action Library.
Was this article helpful?