# Adaptive Shield

Adaptive Shield is a SaaS Security Posture Management (SSPM) platform that monitors SaaS applications for misconfigurations, identity risks, and threat activity that can lead to account takeover, data exposure, and unauthorized access. Connecting Adaptive Shield forwards SaaS security and audit alerts to Radiant Security via webhook, using Adaptive Shield's Splunk HTTP Event Collector (HEC) event destination. Radiant uses these alerts to surface SaaS-layer threats during AI triage, correlating posture and identity signals with endpoint, network, and email activity already in the pipeline.

### Prerequisites

* [ ] Administrator access to the Adaptive Shield console
* [ ] Administrator role in Radiant Security

### Add the data connector in Radiant Security

1. Log in to [Radiant Security](https://app.radiantsecurity.ai/).
2. From the navigation menu, select **Settings** > **Data Connectors** and click **+ Add Connector**.
3. Search for and select **Adaptive Shield Webhook**, then click **Data Feeds**.
4. Under **Select your data feeds**, select **Adaptive Shield Webhook** and click **Credentials**.
5. In the **Credential Name** field, enter an identifiable name (e.g., `Adaptive Shield webhook credentials`).
6. In the **Connector tag** field, enter any string. Radiant uses this value as salt when generating the authentication token for your connector.
7. Click **Add Connector**.
8. On the **Data Connectors** page, find the new connector and click **View Details**. Under **Vendor Configuration**, copy and save the **Webhook URL** and **Token**. You will paste both into the Adaptive Shield console in the next section.

### Configure Adaptive Shield to forward security events

1. Log in to the Adaptive Shield console.
2. Navigate to **Settings** > **Event Destination**.
3. Click **Add a New Event Destination**.
4. Select **Splunk**.
5. Enter a name for the integration (e.g., `RadiantSecurityConnector`).
6. Enter the following details:
   * **HEC URL**: Paste the **Webhook URL** you copied from Radiant Security.
   * **Token**: Paste the **Token** you copied from Radiant Security.

<div align="left"><figure><img src="/files/L9wXJ5qKxKpDREUAS9b2" alt=""><figcaption></figcaption></figure></div>

7. Click **Next**, then click **Test the connection**.
8. Click **Finish**.

### Verify ingestion

After Adaptive Shield forwards its first batch, confirm alerts are flowing into Radiant.

1. In Radiant, navigate to [Log Management](https://app.radiantsecurity.ai/logs).
2. Filter by `rs_connectorType:"adaptive_shield_webhook"`.
3. Confirm recent alerts from Adaptive Shield appear in the parsed index.

{% hint style="info" %}
**Note:** Allow several minutes for alerts to be parsed, indexed, and available for search after Adaptive Shield begins forwarding.
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://help.radiantsecurity.ai/radiant-connectors/data-connectors/adaptive-shield.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.