Start here
Go from workspace creation to first findings in one guided path with clear next steps and ownership checks.
公开文档
Use these guides to launch quickly, complete security reviews, run reliable operations, and solve common issues independently.
Go from workspace creation to first findings in one guided path with clear next steps and ownership checks.
Choose the fastest copy-paste setup for CI, cloud, Kubernetes, SaaS, or host telemetry, then validate ingestion.
2 minutes
Embed Trivy, Semgrep, TruffleHog, and Syft into every commit with a single workflow file. Works with GitHub Actions, GitLab CI, and Bitbucket Pipelines.
Open deployment guideAnswer buyer, legal, and security-review questions with trust-center, shared-responsibility, and evidence guides.
Start here to resolve the most common onboarding and ingestion blockers.
Open troubleshootingUse the trust center and questionnaire pack to answer legal and security due-diligence requests.
Open trust center packageFor urgent production incidents, include workspace details, job IDs, and timestamps in your support request.
Contact supportDeveloper Quick Starts
Start with a working snippet, copy the command or file, then open the full guide only if you need deeper rollout detail.
Copy a working starter, run it in your environment, then come back here for the deeper rollout details.
GitHub Actions
Drop one workflow into the repository and run Trivy, Semgrep, TruffleHog, and Syft in parallel.
BLACKSHIELD_PIPELINE_IMAGE=public.ecr.aws/blackshield-security/pipeline-scanner:1.0.0 \
bash <(curl -fsSL https://blackshield.chaplau.com/source-bundles/github-security-scan.sh)GitLab CI
Add one security stage that scans merge requests, default-branch builds, and scheduled pipelines.
BLACKSHIELD_PIPELINE_IMAGE=public.ecr.aws/blackshield-security/pipeline-scanner:1.0.0 \
BLACKSHIELD_API_URL=https://api.blackshield.chaplau.com \
bash <(curl -fsSL https://blackshield.chaplau.com/source-bundles/gitlab-ci.sh)GitHub Deploy Gate
Drop in one workflow that evaluates the hosted Rego decision API before production deploys and prints the reasons inline.
BLACKSHIELD_POLICY_IMAGE=public.ecr.aws/blackshield-security/policy-client:1.0.0 \
bash <(curl -fsSL https://blackshield.chaplau.com/source-bundles/github-policy-guardrails.sh)GitLab Deploy Gate
Add one reusable deploy job that checks allow, warn, or deny outcomes against your tenant policy pack before release.
BLACKSHIELD_POLICY_IMAGE=public.ecr.aws/blackshield-security/policy-client:1.0.0 \
BLACKSHIELD_API_URL=https://api.blackshield.chaplau.com \
bash <(curl -fsSL https://blackshield.chaplau.com/source-bundles/gitlab-policy-guardrails.sh)AWS Lambda
Bootstrap the AWS CDK project locally, then deploy the tenant-owned cloud posture scanner without rewriting the commands.
bash <(curl -fsSL https://blackshield.chaplau.com/source-bundles/aws-cloud-scanner.sh)
cd deploy/aws-cloud-scannerGCP Cloud Run
Bootstrap the Terraform module locally, then deploy the cloud scanner to your target projects and regions with the same commands shown in the guide.
BLACKSHIELD_CLOUD_IMAGE=public.ecr.aws/blackshield-security/cloud-scanner:1.0.0 \
BLACKSHIELD_SITE_URL=https://blackshield.chaplau.com \
BLACKSHIELD_API_URL=https://api.blackshield.chaplau.com \
bash <(curl -fsSL https://blackshield.chaplau.com/source-bundles/gcp-cloud-scanner.sh)
cd deploy/gcp-cloud-scannerKubernetes
Pull the Helm chart source locally, review the templates, and install the cluster scanner from your own repository.
BLACKSHIELD_SITE_URL=https://blackshield.chaplau.com \
BLACKSHIELD_API_URL=https://api.blackshield.chaplau.com \
bash <(curl -fsSL https://blackshield.chaplau.com/source-bundles/k8s-scanner-helm.sh)
cd deploy/helm/blackshield-k8s-scannerSaaS on AWS
Bootstrap the AWS CDK project locally, then deploy the tenant-owned Lambda scanner without rewriting the commands.
bash <(curl -fsSL https://blackshield.chaplau.com/source-bundles/aws-saas-scanner.sh)
cd deploy/aws-saas-scannerSaaS on GCP
Bootstrap the Terraform module locally, then deploy the Cloud Run Job scanner with the same commands shown in the guide.
BLACKSHIELD_SAAS_IMAGE=public.ecr.aws/blackshield-security/saas-scanner:1.0.0 \
BLACKSHIELD_SITE_URL=https://blackshield.chaplau.com \
BLACKSHIELD_API_URL=https://api.blackshield.chaplau.com \
bash <(curl -fsSL https://blackshield.chaplau.com/source-bundles/gcp-saas-scanner.sh)
cd deploy/gcp-saas-scannerAgent Runtime
Download the Compose bootstrap, point it at your tenant, and start governed blue-team automation with approval gates around every mutation.
BLACKSHIELD_SECURITY_AGENT_IMAGE=public.ecr.aws/blackshield-security/security-agent:1.0.0 \
BLACKSHIELD_SITE_URL=https://blackshield.chaplau.com \
BLACKSHIELD_API_URL=https://api.blackshield.chaplau.com \
bash <(curl -fsSL https://blackshield.chaplau.com/source-bundles/security-agent-docker.sh)
cd deploy/security-agentUse the guided steps below when you want to tailor the rollout, validate ownership, or expand the deployment safely.
3 minutes
Add a lightweight CI step that sends deploy context to your tenant and gets an allow, warn, or deny decision back without self-hosting OPA.
5 minutes
Run BlackShield's governed Go security agent inside your environment with tenant-scoped assignments, MCP context, AI Gateway controls, and approval gates around every mutation.
5 minutes
Scan GCP project posture with Prowler via a serverless Cloud Run Job triggered by Cloud Scheduler. One Terraform apply deploys to any number of projects and regions.
10 minutes
Capture live network traffic using VPC Traffic Mirroring, deploy sensor instances with CloudFormation or CDK, and stream findings automatically to the platform.
5-15 minutes
Diagnostic runbook for container startup, traffic capture, API connectivity, health checks, resource usage, and ingestion gaps.
Browse the full catalog once you know whether you are onboarding, deploying, reviewing trust posture, or solving an operational issue.
Fastest path from account creation to first validated findings.
Run scans, triage risk, and build a repeatable remediation workflow.
Copy-paste-ready deployment guides for every scanner type plus the governed security agent runtime — CI/CD pipelines, cloud posture, Kubernetes, SaaS OAuth, host intrusion detection, and network telemetry.
Buyer-facing proof of how BlackShield handles access control, evidence, data rights, control coverage, and offboarding in the actual product.
Understand availability commitments, incident flow, continuity planning, troubleshooting, and network sensor operations.
15-20分钟
创建您的工作区、第一管理员和集成密钥,以便您的团队可以开始安全地获取结果。
受众: 工作空间所有者和第一租户管理员
阅读指南30-45分钟
使用此第一天清单从空工作区转移到经过验证的结果和明确的所有权。
受众: 新租户管理员和安全主管
阅读指南10-15分钟
在扩展到更多集成之前,运行首次扫描、提交结果并确认数据质量。
受众: 安全工程师、CI所有者和集成工程师
阅读指南建议进行持续每日审查
使用风险、可利用性和所有权来确定修复的优先级,以便团队首先修复重要的问题。
受众: 安全分类团队、工程主管和服务所有者
阅读指南前 30天
将初步发现转化为具有明确指标、所有权和报告的可重复安全计划。
受众: 安全程序所有者和工程经理
阅读指南2 minutes
Embed Trivy, Semgrep, TruffleHog, and Syft into every commit with a single workflow file. Works with GitHub Actions, GitLab CI, and Bitbucket Pipelines.
受众: DevOps engineers, platform engineers, and security engineers
阅读指南3 minutes
Add a lightweight CI step that sends deploy context to your tenant and gets an allow, warn, or deny decision back without self-hosting OPA.
受众: Platform engineers, release managers, and security engineers
阅读指南5 minutes
Scan your AWS environment for misconfigurations with Prowler, deployed as a Lambda container on EventBridge Scheduler — no EC2, no always-on compute.
受众: Cloud engineers, security engineers, platform teams
阅读指南5 minutes
Scan GCP project posture with Prowler via a serverless Cloud Run Job triggered by Cloud Scheduler. One Terraform apply deploys to any number of projects and regions.
受众: Cloud engineers, security engineers, platform teams
阅读指南2 minutes
Scan cluster posture with kube-bench (CIS benchmarks), kubescape, and Kyverno policy telemetry. One Helm chart install, one kubectl secret — done.
受众: Platform engineers, Kubernetes administrators, security engineers
阅读指南5 minutes
Discover over-privileged OAuth grants, stale app access, and shadow AI tool sprawl across Google Workspace, Microsoft 365, and GitHub. Runs entirely inside your tenant boundary.
受众: Security engineers, identity and access management teams, platform engineers
阅读指南3 minutes
Ingest OSSEC and Wazuh host intrusion detection alerts into the platform for correlation with cloud and container findings. Works with Docker Compose, systemd, or ECS Fargate.
受众: Security operations teams, infrastructure engineers
阅读指南5 minutes
Run BlackShield's governed Go security agent inside your environment with tenant-scoped assignments, MCP context, AI Gateway controls, and approval gates around every mutation.
受众: Security engineers, platform engineers, and security operations teams
阅读指南10 minutes
Capture live network traffic using VPC Traffic Mirroring, deploy sensor instances with CloudFormation or CDK, and stream findings automatically to the platform.
受众: Platform engineers, network architects, security engineers
阅读指南10 minutes
Stream live traffic using Packet Mirroring, deploy sensor VM with Terraform, and ingest findings via the managed SIEM connector.
受众: Platform engineers, GCP administrators, security engineers
阅读指南10 minutes
Capture traffic using Virtual Network TAP, deploy sensor VM with Bicep, and bridge network telemetry into the security platform.
受众: Platform engineers, Azure administrators, security engineers
阅读指南5-15 minutes
Diagnostic runbook for container startup, traffic capture, API connectivity, health checks, resource usage, and ingestion gaps.
受众: Operations engineers, DevOps teams, security operations teams
阅读指南10 minutes
Capacity planning, performance tuning, and sizing guidance for high-volume network telemetry ingestion.
受众: Platform architects, operations engineers, security engineers
阅读指南15 minutes
Design resilient network sensor deployments with failover, load balancing, and multi-region architectures.
受众: Platform architects, network engineers, SRE teams
阅读指南10-15分钟
了解处理哪些客户数据、涉及哪些子处理者以及哪些法律保障措施应用。
受众: 安全审核员、法律团队、隐私团队和采购利益相关者
阅读指南12-18分钟
使用本指南在生产部署之前评估 BlackShield 安全控制、数据处理和运营承诺。
受众: 安全审核人员、采购、法律和风险利益相关者
阅读指南15-20分钟
使用此响应包通过可重复使用的答案和链接证据快速完成安全尽职调查请求。
受众: 客户安全审核员、采购团队和法律利益相关者
阅读指南15分钟
规划保留、导出和卸载步骤,以便数据处理保持可预测、可审核且符合策略。
受众: 合规、法律和平台运营团队
阅读指南10分钟
了解事件严重性、升级流程和沟通期望,以便您的团队能够快速响应。
受众: 安全主管、运营团队和客户成功团队
阅读指南8-12分钟
按计划层查看正常运行时间目标、支持响应承诺和升级渠道。
受众: 运营、支持、采购和服务所有者
阅读指南15-20 分钟
生成面向管理层的整改报告,覆盖MTTR、严重/高危积压、SLA达标率,以及按仓库/团队划分的责任归属。
受众: 安全负责人、工程管理者与租户管理员
阅读指南10-15 分钟
将已映射的发现转换为适合审计和管理层评审的基准态势、服务汇总和可导出报告。
受众: 安全负责人、审计人员、租户管理员和服务负责人
阅读指南12-20分钟
在重大服务中断之前规划恢复目标、故障转移验证和通信步骤。
受众: 平台运营团队和业务连续性所有者
阅读指南10分钟
查看 BlackShield 管理哪些安全控制以及哪些控制由您的团队保留。
受众: 安全架构师、合规所有者和平台管理员
阅读指南12-15 分钟
查看 BlackShield 如何针对 OWASP API Top 10 中的授权、滥用和错误配置风险保护公共 API 与租户 API。
受众: 安全架构师、AppSec 评审人员与合规相关方
阅读指南15-20分钟
设置帐户配置、角色更改和快速离职,以便团队的访问保持受控演变。
受众: IT管理员、安全运营团队和工作区所有者
阅读指南10-15分钟
过滤安全相关事件并导出可辩护的证据包以进行审计、调查和合规性审查。
受众: 安全管理员、合规团队、和审计员
阅读指南10-15分钟
使用自助隐私工具查看帐户数据、导出记录并在需要时请求租户删除。
受众: 租户管理员、隐私官员和法律利益相关者
阅读指南20-30分钟
连接您首选的 AI 提供商和 MCP 客户端,以便团队可以运行辅助分类和安全审核工作流程。
受众: 安全平台管理员和集成工程师
阅读指南10-15分钟
快速解决常见的摄取、身份验证和吞吐量问题具有可重复的故障排除流程。
受众: 租户管理员、DevOps团队和扫描仪操作员
阅读指南5-10 minutes
Automate the deployment of Threat Intel indicators directly into your security stack, including AWS WAF, Egress Proxies, DNS sinkholes, and EDR systems.
受众: Security engineers, SOC analysts, and network administrators
阅读指南