Have I Been Pwned - Enrich Users' Data
  • 28 Jan 2024
  • 2 Minutes to read
  • Dark
    Light
  • PDF

Have I Been Pwned - Enrich Users' Data

  • Dark
    Light
  • PDF

Article summary

Have I Been Pwned - Enrich Users' Data enriches each of the users who are the result of the query that was run with breaches, pastes and pwned passwords identified by 'Have I Been Pwned' (HIBP) website.

NOTE
For details on the breaches, pastes and pwned password identified by 'Have I Been Pwned' (HIBP) API, see HIBP API.

See Creating Enforcement Sets to learn more about adding Enforcement Actions to Enforcement Sets.

Note:

General Settings

  • Action name - The name of this Enforcement Action. The system sets a default name. You can change the name.
  • Configure Dynamic Values - Toggle on to enter a Dynamic Value statement. See Creating Enforcement Action Dynamic Value Statements to learn more about Dynamic Value statement syntax.

Required Fields

These fields must be configured to run the Enforcement Set.

  1. API key (required) - The API Key that have been purchased from 'Have I Been Pwned'.

Additional Fields

These fields are optional.

  1. Have I Been Pwned (HIBP) domain (default: https://haveibeenpwned.com) - The hostname or IP address of the Have I Been Pwned (HIBP) server.

  2. Verify SSL (optional) - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

  3. HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.

  4. Alternative email suffix (default: empty) - Specify a comma-separated list of additional email suffixes, that will be also be checked for breaches, pastes and pwned password identified by 'Have I Been Pwned' (HIBP). This field may be useful if users emails in the organization have several email suffixes.

  5. Domain include list (default: empty) - Specify a comma-separated list of email domains.

    • If supplied, Axonius will request Have I Been Pwned to check only users from the given query their email is in the specified list.
    • If not supplied, Axonius will request Have I Been Pwned to check all users from the given query.
    • Rate Limit (requests per minute) (default: 10) - Use this field to handle rate limit issues by HIBP documentation. It is possible to buy an account with a better rate limit.
  6. Extra fields for enrichment - Add email fields to be evaluated by Have I Been Pwned. Select an adapter and a field. Click Add Fields to add more fields. Click the x to the right of a field to delete it.


For more details about other Enforcement Actions available, see Action Library.


Was this article helpful?