BLACKSHIELD

Guia público

Get Started with the Python SDK

Automate findings triage, query threat intelligence, and ingest findings programmatically using the official BlackShield Python SDK. Público: Security engineers, software developers, and automation teams. Tempo típico de configuração: 3 minutes.

quickstart

Use isto se

Automate findings triage, query threat intelligence, and ingest findings programmatically using the official BlackShield Python SDK.

Audience
Security engineers, software developers, and automation teams
Typical time
3 minutes

Antes de começar

  • Create a tenant-scoped API Key in Settings → API Keys with appropriate scopes.
  • Ensure Python >= 3.10 is installed in your environment (Python 3.10, 3.11, 3.12, and 3.13 are supported).
  • Confirm that pip resolves client dependencies automatically, including `httpx` (>=0.27, <1) and `pydantic` (>=2.0, <3).
  • Ensure outbound HTTPS access to the platform API endpoint is allowed by your network.

Caminho rápido

Copy a working starter, run it in your environment, then come back here for the deeper rollout details.

Apenas para demonstração

Esta configuração foi concebida para facilitar a utilização. Para implementar clientes de scanner em escala, planeie a sua arquitetura de implementação adequadamente ou contacte-nos para obter as melhores práticas empresariais.

Executar isto

installation.sh

bash
# 1. (Optional) Create and activate a Python virtual environment
python3 -m venv .venv
source .venv/bin/activate

# 2. Install the official BlackShield SDK from PyPI
# This will automatically resolve dependencies like httpx and pydantic
pip install blackshield-sdk

# 3. Verify the installation
python -c "import blackshield; print('SDK Version:', blackshield.__version__)"

quickstart_sync.py

python
import os
from blackshield import BlackShield

# 1. Initialize client
# The SDK automatically uses BLACKSHIELD_API_KEY and BLACKSHIELD_API_URL env vars
# if not passed explicitly.
client = BlackShield(
    api_key=os.environ.get("BLACKSHIELD_API_KEY", "sp_your_api_key"),
    base_url=os.environ.get("BLACKSHIELD_API_URL", "https://api.blackshield.chaplau.com")
)

# 2. Retrieve findings
try:
    page = client.findings.list(page_size=20)
    print(f"Retrieved {len(page.items)} findings.")
    for f in page.items:
        print(f"[{f.severity.upper()}] {f.title} - Status: {f.status}")
except Exception as e:
    print(f"Error querying findings: {e}")

ingest_async.py

python
import asyncio
import os
from datetime import datetime, timezone
from blackshield import AsyncBlackShield

async def main():
    # 1. Initialize asynchronous client
    client = AsyncBlackShield(
        api_key=os.environ.get("BLACKSHIELD_API_KEY", "sp_your_api_key"),
        base_url=os.environ.get("BLACKSHIELD_API_URL", "https://api.blackshield.chaplau.com")
    )

    # 2. Construct mock finding payload
    new_finding = {
        "finding_type": "vulnerability",
        "title": "Outdated Frontend Library dependency",
        "description": "React-DOM package has known cross-site scripting vulnerabilities.",
        "severity": "high",
        "affected_resource": {
            "resource_type": "repository",
            "resource_id": "github:blackshield-security/frontend",
            "resource_name": "frontend"
        },
        "source": {
            "scanner": "manual-sdk-script",
            "scanner_version": "1.0.0",
            "scan_started_at": datetime.now(timezone.utc).isoformat()
        },
        "dedup_key": "github:frontend:vuln:react-dom"
    }

    # 3. Submit finding
    try:
        async with client:
            job = await client.ingestion.ingest_findings(findings=[new_finding])
            print(f"Ingestion job accepted: {job.job_id} (Status: {job.status})")
    except Exception as e:
        print(f"Failed to ingest finding: {e}")

if __name__ == "__main__":
    asyncio.run(main())

Entender e personalizar

Use the guided steps below when you want to tailor the rollout, validate ownership, or expand the deployment safely.

Passo 1

Create an API Key

Generate a tenant-scoped API key in Settings → API Keys to authorize your SDK client.

  • Open Settings → API Keys → New Key.
  • Select the required scopes (e.g., Ingestion, Read, or Admin depending on your needs).
  • Copy the key and save it securely — you cannot view it again.

Como é o sucesso

A tenant-scoped API key is created and ready for use.

Open API Keys · Requer login

Passo 2

Install the SDK

Install the official `blackshield-sdk` package from PyPI. The SDK requires Python >= 3.10 and depends on `httpx` (>=0.27, <1) and `pydantic` (>=2.0, <3), which are automatically installed.

  • Verify your Python version is 3.10 or higher (`python3 --version`).
  • Set up a virtual environment (recommended) to avoid dependency conflicts.
  • Run `pip install blackshield-sdk` to fetch and install the package from PyPI.

Como é o sucesso

The blackshield-sdk package and its dependencies are installed locally in your environment.

View PyPI Package

Passo 3

Write your first script

Initialize the BlackShield client and fetch active findings or submit new ones.

  • Import `blackshield` or `AsyncBlackShield` in your Python script.
  • Provide your API key and target API URL to the client constructor.
  • Query findings with `client.findings.list()` to confirm connectivity.

Como é o sucesso

The SDK client successfully retrieves active findings from the platform API.

View Findings · Requer login

Como é o sucesso

  • The client successfully authenticates and establishes a connection with the platform.
  • Findings are retrieved from the API without raising authentication or validation errors.
  • Custom findings are successfully posted to the ingestion endpoint and visible in the platform dashboard.
Get Started with the Python SDK | Documentação BlackShield