Changelog
🔑 GET YOUR FREE API KEY🤖 AI Assistant
Start typing to search…
Back to All
Added

{ New } - Company Search Endpoint

20 days ago by Dan Benshitrit

Docs: Search by Company Endpoint | Get Company IDs

  • Added a new endpoint: POST /search-by-company

    Purpose: Enables targeted compromise searches within a specific company's digital asset portfolio, supporting unified querying across corporate domains, mobile applications (APKs), and external third-party services.

  • Prerequisites: Use the GET /my-account endpoint to retrieve your available company_id values before using this search capability.

    • Response includes:

      • stealer: Associated stealer ID and compromise metadata for correlation

      • credentials: Filtered credential data matching specified company assets and search criteria

      • ip: IP address and system information from compromised machines

      • computer_name: Name of the compromised computer for asset identification

      • date_compromised: Timeline data for incident response and forensic analysis

      • date_uploaded: When the compromise data was integrated into the platform

        This enterprise-focused search capability provides comprehensive organizational compromise assessment with intelligent asset correlation. The endpoint features smart external domain logic that automatically includes the company name as a keyword when searching external domains, enhancing third-party risk detection and shadow IT discovery workflows.


Example Request:

curl --request POST \
     --url https://api.hudsonrock.com/json/v3/search-by-company \
     --header 'accept: application/json' \
     --header 'api-key: <API_KEY>' \
     --header 'content-type: application/json' \
     --data '{
       "company_id": "695cebd77ef1529e2862efea",
       "company_asset_types": ["domains", "external_domains"],
       "keywords": ["admin", "portal"],
       "types": ["employees"],
       "subdomains": ["auth", "vpn"],
       "sort_by": "date_compromised"
     }'

Use Cases:

  • Enterprise Security Assessment: Comprehensive compromise monitoring across all company digital assets including corporate domains, mobile applications, and third-party services
  • Asset-Specific Investigation: Granular searches within specific asset categories (domains, APKs, external domains) based on organizational security requirements
  • Third-Party Risk Management: Enhanced detection of compromises in external services through intelligent company name correlation and keyword matching
  • Incident Response: Focused threat hunting within organizational asset portfolios for rapid impact assessment and containment planning
  • Shadow IT Discovery: Identification of unauthorized external services and applications through external domain compromise correlation with company identifiers