SafeBreach

Add Test to Processing Queue

This action adds a test (plan) to the processing queue for execution.

Create Deployment

This action creates a new deployment in the account.

Create Random Secret

This action creates a new random verification secret for all simulator (node) instances in your SafeBreach account.

Create Scenario

This action creates a new attack scenario (plan) in the account.

Create Simulator

This action creates a new simulator node in the account.

Delete Deployment

This action deletes a deployment from the account.

Delete Scenario

This action deletes an existing attack scenario from the account.

Delete Simulator

This action deletes a simulator node from the account.

Get Current Secret

This action retrieves the currently used verification secret for the account. If a secret does not exist, a new random secret will be created and returned.

Get Deployment Details

This action retrieves the details of a specific deployment by its ID.

Get Detailed Test Summaries

This action retrieves detailed test summaries for multiple plan runs at once.

Get Scenario Details

This action retrieves the full details of a specific attack scenario, including its steps and filters.

Get Simulation Execution Results

This action retrieves the execution history results for simulations in your SafeBreach account.

Get Simulation Result Details

This action retrieves the detailed results of a specific simulation run.

Get Simulator Details

This action retrieves the details of a specific simulator node by its ID.

Get Test Summary

This action retrieves the full details of a specific test summary by its plan run ID.

Get User Details

This action retrieves the details of a specific user by their ID.

List Attacks

This action retrieves a list of all attacks (moves) available in the attack playbook.

List Deployments

This action retrieves a list of all deployments for the account.

List Scenarios

This action retrieves a list of all attack scenarios (plans) defined in the account.

List Schedules

This action retrieves a list of all schedules for the account.

List Simulators

This action retrieves the list of all nodes (agents) for your SafeBreach account, including both active and inactive nodes.

List Simulators in Bulk

This action retrieves a bulk list of simulator nodes (agents) in your SafeBreach account.

List Test Summaries

This action retrieves a list of all test summaries for the account.

List Users

This action retrieves a list of users for the account.

Pause or Resume Scheduled Scenarios

This action pauses or resumes all scheduled scenarios in your SafeBreach account.

Update Deployment

This action updates an existing deployment.

Update Simulator Details

This action updates the configuration of an existing simulator node.

Generic Action

This is a generic action used to make requests to any SafeBreach endpoint.

Base URL

Enter the base URL of your SafeBreach API instance.

Example:

https://companyname.safebreach.com

Text

Required

API Key

Enter the API key generated in the SafeBreach console to authenticate requests.

Password

Required

Account ID

Enter the tenant account identifier to scope API requests to the correct account.

Text

Required

Verify

Choose to verify SSL/TLS certification. allowed values are true and false.

Boolean

Optional

By default, verification is enabled.

Timeout

Enter the timeout value in seconds. This is the number of seconds that requests will wait to establish a connection with SafeBreach.

Integer

Optional

Allowed range:

15-120

Default timeout:

15

Plan

Enter the plan object as key-value pairs to define which test (scenario) should be added to the processing queue and how it should execute.

Key Value

Required

Allowed keys:

id, name, accountId, planId, testId, tags, planRunId, capture, debug, enableFeedbackLoop, draft, force, priority, successCriteria, actions, edges, originalScenarioId, steps, and flowControl

Position

Enter the position in the processing queue where the test should be inserted.

Integer

Optional

By default, the plan is inserted at the end of the queue.

Enable Feedback Loop

Choose true if the feedback loop should be activated for the simulation.

Boolean

Optional

Priority

Enter the priority level for the simulation execution.

Example:

low

Text

Optional

Payload

Enter the deployment creation payload as key-value pairs.

Key Value

Required

Allowed values:

name, description, and nodes

Payload

Enter the scenario definition as key-value pairs to define the structure, logic, filters, and execution behavior of the attack scenario.

Key Value

Required

Allowed keys:

id, description, integration, planId, accountId, name, successCriteria, capture, steps, edges, draft, originalScenarioId, createdAt, updatedAt, and deletedAt.

Payload

Enter the simulator creation payload as key-value pairs to define the configuration and properties of the new node.

Key Value

Required

Allowed keys:

id, proxies, advancedActions, deployments, accountId, name, isEnabled, isConnected, isProxySupported, status, isCritical, isExfiltration, isInfiltration, isMailTarget, isMailAttacker, isPreExecutor, isAWSAttacker, isAzureAttacker, isWebApplicationAttacker, useSystemUser, externalIp, internalIp, preferredInterface, preferredIp, frameworkVersion, connectionType, hostname, tunnel, nodeInfo, updates, cloudProxyUrl, connectionUrl, lastHealthcheck, version, simulatorVersion, group, createdAt, updatedAt, deletedAt, secret, and additionalData.

Deployment ID

Enter the unique ID of the deployment you want to delete.

Text

Required

You can retrieve the deployment ID using the List Deployments action.

Scenario ID

Enter the unique scenario (plan) ID to retrieve its detailed information.

Text

Required

You can retrieve the scenario ID using the List Scenarios action.

Node ID

Enter the unique node ID to delete.

Example:

ad8e5ab9-cbee-deb8-af5c-dab00ec5a1ac

Text

Required

Force

Choose true if the node should be force-deleted even if it is currently in use.

Boolean

Optional

Deployment ID

Enter the unique deployment ID to retrieve details for.

Text

Required

You can retrieve the deployment ID using the List Deployments action.

Nodes

Choose true if associated nodes should be included in the response.

Boolean

Optional

The default value is false.

Plan Run IDs

Enter the plan run IDs to retrieve detailed summaries for multiple simulation executions. To include multiple runs, separate each ID with a | symbol.

Text

Required

Scenario ID

Enter the unique scenario (plan) ID to retrieve its detailed information.

Text

Required

Plan Run ID

Enter the plan run ID to retrieve execution results for a specific simulation run.

Text

Required

Query

Enter a query string to refine the results based on specific execution criteria.

Text

Optional

Extra Fields

Enter additional request fields as key-value pairs to refine the results.

Key Value

Optional

Allowed keys:

id, pageSize, page, and fileType

Run ID

Enter the unique simulation run ID to retrieve details for.

Text

Optional

Node ID

Enter the unique node ID to retrieve details for.

Example:

ad8e5ab9-cbee-deb8-af5c-dab00ec5a1ac

Text

Required

Secret

Choose true if you want to include the node authentication secret in the response.

Boolean

Optional

The default value is false.

Plan run ID

Enter the unique plan run ID to retrieve the test summary for.

Text

Required

You can retrieve the plan run ID using the List Test Summaries action.

User ID

Enter the unique user ID to retrieve details for.

Text

Required

You can retrieve the user ID using the List Users action.

Details

Choose true if extended details should be included for each attack move.

Boolean

Optional

The default is false.

Details

Choose true if full details should be included for each scenario.

Boolean

Optional

The default value is false.

Details

Choose true if you want to include detailed information (beyond name and ID) in the response.

Boolean

Optional

The default value is false.

Deleted

Choose true to include deleted schedules in the response.

Boolean

Optional

The default value is false.

Node IDs

Enter the node IDs as comma-separated values to filter results.

Text

Optional

Start row

Enter the pagination offset to indicate the starting row of results.

Integer

Optional

The default value is 0.

Page size

Enter the number of results to return on each page.

Integer

Optional

By default, all records are retrieved.

Details

Choose true if you want to include detailed information for each node (beyond name and ID) in the response.

Boolean

Optional

The default value is false.

Extra Params

Enter any additional query parameters as key-value pairs to filter results.

Key Value

Optional

Allowed keys:

externalIp, internalIp, os, status, shouldIncludeProxies, deploymentIds, proxyIds, hostname, connectionType, connectionUrl, name, ids, assetsIds, versions, roles, usersIds, isEnabled, isConnected, isCritical, isExfiltration, isInfiltration, isMailTarget, isMailAttacker, isPreExecutor, isAWSAttacker, isAzureAttacker, isWebApplicationAttacker, assets, startRow, pageSize, sortColumn, sortDirection, impersonatedUsers, advancedActions, deployments, and additionalData

Hostname

Enter the hostname to filter nodes by their specific network name.

Text

Optional

Extra Params

Enter additional optional query parameters as key-value pairs to filter results.

Key Value

Optional

Allowed keys:

externalIp, internalIp, os, status, shouldIncludeProxies, deploymentIds, proxyIds, hostname, connectionType, connectionUrl, name, ids, assetsIds, versions, roles, usersIds, isEnabled, isConnected, isCritical, isExfiltration, isInfiltration, isMailTarget, isMailAttacker, isPreExecutor, isAWSAttacker, isAzureAttacker, isWebApplicationAttacker, assets, startRow, pageSize, sortColumn, sortDirection, impersonatedUsers, advancedActions, deployments, and additionalData

Details

Choose true if you want to include detailed information (beyond name and ID) in the response.

Boolean

Optional

The default value is false.

Deleted

Choose true to include deleted nodes in the response.

Boolean

Optional

The default value is false.

Secret

Choose true to include node secrets in the response.

Boolean

Optional

The default value is false.

Extra Params

Enter optional query parameters as key-value pairs to filter results.

Key Value

Optional

Allowed keys:

planId, status, size, simulationId, sortBy, and includeArchived

Details

Choose true if you want to include detailed information for each user (beyond name and ID) in the response.

Boolean

Optional

The default value is false.

Deleted

Choose true if you want to include deleted users in the response.

Boolean

Optional

The default value is false.

Status

Choose true if you want to pause all scheduled scenarios. Choose false if you want to resume previously paused scheduled scenarios.

Boolean

Required

Deployment ID

Enter the unique ID of the deployment you want to update.

Text

Required

You can retrieve the deployment ID using the List Deployments action.

Payload

Enter the fields to update as key-value pairs.

Key Value

Required

Allowed keys:

id, accountid, name, and description

Node ID

Enter the unique simulator (node) ID to identify which node you want to update.

Example:

ad8e5ab9-cbee-deb8-af5c-dab00ec5a1ac

Text

Required

Payload

Enter the fields to update as key-value pairs.

Key Value

Required

Allowed keys:

hostname, tunnel, nodeinfo, proxies, advancedActions, deployments, accountId, name, isEnabled, isConnected, isProxySupported, status, isCritical, isExfiltration, isInfiltration, isMailTarget, isMailAttacker, isPreExecutor, isAWSAttacker, isAzureAttacker, isWebApplicationAttacker, useSystemUser, externalIp, internalIp, preferredInterface, preferredIp, frameworkVersion, connectionType, updates, cloudProxyUrl, connectionUrl, lastHealthcheck, version, simulatorVersion, group, createdAt, updatedAt, deletedAt, secret, and additionalData

Restore

Choose true if you want to restore a previously deleted simulator (node).

Boolean

Optional

Method

Enter the HTTP method to make the request.

Text

Required

Allowed values:

GET, PUT, POST, DELETE

Endpoint

Enter the endpoint to make the request to.

Example:

api/orch/v1/status

Text

Required

Query Params

Enter the query parameters to pass to the API.

Key Value

Optional

Payload

Enter the payload to pass to the API.

Any

Optional

Extra Fields

Enter the extra fields to pass to the API.

Key Value

Optional

Allowed keys:

headers, payload_data, custom_output, download, filename, files, retry_wait, retry_count, and response_type