@censys/platform-sdk 0.10.3 → 0.10.4

package/docs/sdks/threathunting/README.md

@@ -2,7 +2,7 @@
 
 ## Overview
 
-Endpoints related to the Threat Hunting product
+Endpoints related to the Adversary Investigation product
 
 ### Available Operations
 
@@ -17,7 +17,7 @@ Endpoints related to the Threat Hunting product
 
 ## createCenseyeJob
 
-Create an asynchronous CensEye pivot analysis job for a host, web property, or certificate. The job extracts [default pivot fields](https://docs.censys.com/docs/platform-threat-hunting-use-censeye-to-build-detections#default-pivot-fields) from the target asset and counts matching documents for each field-value pair. Poll the job status endpoint to track progress, then retrieve results when complete.<br><br>To use this endpoint, your organization must have access to the Threat Hunting module.<br><br>This endpoint costs 44 credits to execute for a host, 28 credits to execute for a web property, and 7 credits to execute for a certificate.
+Create an asynchronous CensEye pivot analysis job for a host, web property, or certificate. The job extracts default pivot fields from the target asset and counts matching documents for each field-value pair. Poll the job status endpoint to track progress, then retrieve results when complete.<br><br>To use this endpoint, your organization must have access to the Adversary Investigation module.
 
 ### Example Usage
 
@@ -107,7 +107,7 @@ run();
 
 ## getCenseyeJob
 
-Retrieve the current status of a CensEye pivot analysis job. Use this to poll for completion before fetching results.<br><br>To use this endpoint, your organization must have access to the Threat Hunting module.
+Retrieve the current status of a CensEye pivot analysis job. Use this to poll for completion before fetching results.<br><br>To use this endpoint, your organization must have access to the Adversary Investigation module.
 
 ### Example Usage
 
@@ -185,7 +185,7 @@ run();
 
 ## getCenseyeJobResults
 
-Retrieve the results of a completed CensEye pivot analysis job. Each result contains a count and the field-value pairs that were analyzed. Results may be empty if the job is still running.<br><br>Results are paginated. Use the `next_page_token` from the response to fetch subsequent pages.<br><br>To use this endpoint, your organization must have access to the Threat Hunting module.
+Retrieve the results of a completed CensEye pivot analysis job. Each result contains a count and the field-value pairs that were analyzed. Results may be empty if the job is still running.<br><br>Results are paginated. Use the `next_page_token` from the response to fetch subsequent pages.<br><br>To use this endpoint, your organization must have access to the Adversary Investigation module.
 
 ### Example Usage
 
@@ -263,7 +263,7 @@ run();
 
 ## getHostObservationsWithCertificate
 
-Retrieve the historical observations of hosts associated with a certificate. This is useful for threat hunting, detection engineering, and timeline generation. Certificate history is also visible to Threat Hunting users in the Platform UI on the [certificate timeline](https://docs.censys.com/docs/platform-threat-hunting-use-cert-history-to-build-better-detections#/).<br><br>You can define a specific time frame of interest. If you do not specify a time frame, this endpoint will search the historical dataset that is available to your account. You may also filter results by port and transport protocol.<br><br>This endpoint is available to organizations that have access to the Threat Hunting module. It costs 5 credits per page of results.
+Retrieve the historical observations of hosts associated with a certificate. This is useful for threat hunting, detection engineering, and timeline generation. Certificate history is also visible to Adversary Investigation users in the Platform UI on the [certificate timeline](https://docs.censys.com/docs/platform-threat-hunting-use-cert-history-to-build-better-detections#/).<br><br>You can define a specific time frame of interest. If you do not specify a time frame, this endpoint will search the historical dataset that is available to your account. You may also filter results by port and transport protocol.<br><br>This endpoint is available to organizations that have access to the Adversary Investigation module. It costs 5 credits per page of results.
 
 ### Example Usage
 
@@ -351,7 +351,7 @@ run();
 
 ## createTrackedScan
 
-Initiate a scan to look for a currently unobserved service at a specific IP and port (`ip:port`) or hostname and port (`hostname:port`). This is equivalent to the [Live Discovery](https://docs.censys.com/docs/platform-threat-hunting-use-live-scan-and-rescan-to-validate-infrastructure#/) feature available in the UI, but you can also target web properties in addition to hosts.<br><br>The scan may take several minutes to complete. The response will contain a scan ID that you can use to [monitor the scan's status](https://docs.censys.com/reference/v3-threathunting-scans-get#/). After the scan completes, perform a lookup on the target asset to retrieve detailed scan information.<br><br>This endpoint is available to organizations that have access to the Threat Hunting module. It costs 15 credits to execute this endpoint.
+Initiate a scan to look for a currently unobserved service at a specific IP and port (`ip:port`) or hostname and port (`hostname:port`). This is equivalent to the [Live Discovery](https://docs.censys.com/docs/platform-threat-hunting-use-live-scan-and-rescan-to-validate-infrastructure#/) feature available in the UI, but you can also target web properties in addition to hosts.<br><br>The scan may take several minutes to complete. The response will contain a scan ID that you can use to [monitor the scan's status](https://docs.censys.com/reference/v3-threathunting-scans-get#/). After the scan completes, perform a lookup on the target asset to retrieve detailed scan information.<br><br>This endpoint is available to organizations that have access to the Adversary Investigation module. It costs 15 credits to execute this endpoint.
 
 ### Example Usage
 
@@ -521,7 +521,7 @@ run();
 
 ## listThreats
 
-Retrieve a list of active threats observed by Censys by aggregating threat IDs across hosts and web properties. Threats are active if their fingerprint has been identified on hosts or web properties by Censys scans. This information is also available on the [Explore Threats page in the Platform web UI](https://platform.censys.io/threats).<br><br>This endpoint is available to organizations that have access to the Threat Hunting module.
+Retrieve a list of active threats observed by Censys by aggregating threat IDs across hosts and web properties. Threats are active if their fingerprint has been identified on hosts or web properties by Censys scans. This information is also available on the [Explore Threats page in the Platform web UI](https://platform.censys.io/threats).<br><br>This endpoint is available to organizations that have access to the Adversary Investigation module.
 
 ### Example Usage
 
@@ -599,7 +599,7 @@ run();
 
 ## valueCounts
 
-Get counts of web assets for specific field-value pairs and combinations of field-value pairs. This is similar to the [CensEye functionality](https://docs.censys.com/docs/platform-threat-hunting-use-censeye-to-build-detections#/) available in the Platform web UI, but it allows you to define specific fields of interest rather than the [default fields](https://docs.censys.com/docs/platform-threat-hunting-use-censeye-to-build-detections#default-pivot-fields) leveraged by the tool in the UI.<br><br>Each array can only target fields within the same nested object and may contain at most 5 field-value pairs. For example, you can combine `host.services.port=80` and `host.services.protocol=SSH` in the same array, but you cannot combine `host.services.port=80` and `host.location.country="United States"` in the same array. You can input multiple arrays of objects in each API call.<br><br>To use this endpoint, your organization must have access to the Threat Hunting Module. This endpoint costs 1 credit per count condition (array of objects) included in the API call.
+Get counts of web assets for specific field-value pairs and combinations of field-value pairs. This is similar to the [CensEye functionality](https://docs.censys.com/docs/platform-threat-hunting-use-censeye-to-build-detections#/) available in the Platform web UI, but it allows you to define specific fields of interest rather than the [default fields](https://docs.censys.com/docs/platform-threat-hunting-use-censeye-to-build-detections#default-pivot-fields) leveraged by the tool in the UI.<br><br>Each array can only target fields within the same nested object and may contain at most 5 field-value pairs. For example, you can combine `host.services.port=80` and `host.services.protocol=SSH` in the same array, but you cannot combine `host.services.port=80` and `host.location.country="United States"` in the same array. You can input multiple arrays of objects in each API call.<br><br>To use this endpoint, your organization must have access to the Adversary Investigation module. This endpoint costs 1 credit per count condition (array of objects) included in the API call.
 
 ### Example Usage
 

package/funcs/threatHuntingCreateCenseyeJob.d.ts

@@ -12,7 +12,7 @@ import { Result } from "../types/fp.js";
  * CensEye: Create a pivot analysis job
  *
  * @remarks
- * Create an asynchronous CensEye pivot analysis job for a host, web property, or certificate. The job extracts [default pivot fields](https://docs.censys.com/docs/platform-threat-hunting-use-censeye-to-build-detections#default-pivot-fields) from the target asset and counts matching documents for each field-value pair. Poll the job status endpoint to track progress, then retrieve results when complete.<br><br>To use this endpoint, your organization must have access to the Threat Hunting module.<br><br>This endpoint costs 44 credits to execute for a host, 28 credits to execute for a web property, and 7 credits to execute for a certificate.
+ * Create an asynchronous CensEye pivot analysis job for a host, web property, or certificate. The job extracts default pivot fields from the target asset and counts matching documents for each field-value pair. Poll the job status endpoint to track progress, then retrieve results when complete.<br><br>To use this endpoint, your organization must have access to the Adversary Investigation module.
  */
 export declare function threatHuntingCreateCenseyeJob(client: SDKCore, request: operations.V3ThreathuntingCenseyeJobsCreateRequest, options?: RequestOptions): APIPromise<Result<operations.V3ThreathuntingCenseyeJobsCreateResponse, errors.AuthenticationError | errors.ErrorModel | SDKBaseError | ResponseValidationError | ConnectionError | RequestAbortedError | RequestTimeoutError | InvalidRequestError | UnexpectedClientError | SDKValidationError>>;
 //# sourceMappingURL=threatHuntingCreateCenseyeJob.d.ts.map

package/funcs/threatHuntingCreateCenseyeJob.js

@@ -50,7 +50,7 @@ const async_js_1 = require("../types/async.js");
  * CensEye: Create a pivot analysis job
  *
  * @remarks
- * Create an asynchronous CensEye pivot analysis job for a host, web property, or certificate. The job extracts [default pivot fields](https://docs.censys.com/docs/platform-threat-hunting-use-censeye-to-build-detections#default-pivot-fields) from the target asset and counts matching documents for each field-value pair. Poll the job status endpoint to track progress, then retrieve results when complete.<br><br>To use this endpoint, your organization must have access to the Threat Hunting module.<br><br>This endpoint costs 44 credits to execute for a host, 28 credits to execute for a web property, and 7 credits to execute for a certificate.
+ * Create an asynchronous CensEye pivot analysis job for a host, web property, or certificate. The job extracts default pivot fields from the target asset and counts matching documents for each field-value pair. Poll the job status endpoint to track progress, then retrieve results when complete.<br><br>To use this endpoint, your organization must have access to the Adversary Investigation module.
  */
 function threatHuntingCreateCenseyeJob(client, request, options) {
     return new async_js_1.APIPromise($do(client, request, options));

package/funcs/threatHuntingCreateTrackedScan.d.ts

@@ -12,7 +12,7 @@ import { Result } from "../types/fp.js";
  * Live Discovery: Initiate a new scan
  *
  * @remarks
- * Initiate a scan to look for a currently unobserved service at a specific IP and port (`ip:port`) or hostname and port (`hostname:port`). This is equivalent to the [Live Discovery](https://docs.censys.com/docs/platform-threat-hunting-use-live-scan-and-rescan-to-validate-infrastructure#/) feature available in the UI, but you can also target web properties in addition to hosts.<br><br>The scan may take several minutes to complete. The response will contain a scan ID that you can use to [monitor the scan's status](https://docs.censys.com/reference/v3-threathunting-scans-get#/). After the scan completes, perform a lookup on the target asset to retrieve detailed scan information.<br><br>This endpoint is available to organizations that have access to the Threat Hunting module. It costs 15 credits to execute this endpoint.
+ * Initiate a scan to look for a currently unobserved service at a specific IP and port (`ip:port`) or hostname and port (`hostname:port`). This is equivalent to the [Live Discovery](https://docs.censys.com/docs/platform-threat-hunting-use-live-scan-and-rescan-to-validate-infrastructure#/) feature available in the UI, but you can also target web properties in addition to hosts.<br><br>The scan may take several minutes to complete. The response will contain a scan ID that you can use to [monitor the scan's status](https://docs.censys.com/reference/v3-threathunting-scans-get#/). After the scan completes, perform a lookup on the target asset to retrieve detailed scan information.<br><br>This endpoint is available to organizations that have access to the Adversary Investigation module. It costs 15 credits to execute this endpoint.
  */
 export declare function threatHuntingCreateTrackedScan(client: SDKCore, request: operations.V3ThreathuntingScansDiscoveryRequest, options?: RequestOptions): APIPromise<Result<operations.V3ThreathuntingScansDiscoveryResponse, errors.AuthenticationError | errors.ErrorModel | SDKBaseError | ResponseValidationError | ConnectionError | RequestAbortedError | RequestTimeoutError | InvalidRequestError | UnexpectedClientError | SDKValidationError>>;
 //# sourceMappingURL=threatHuntingCreateTrackedScan.d.ts.map

package/funcs/threatHuntingCreateTrackedScan.js

@@ -50,7 +50,7 @@ const async_js_1 = require("../types/async.js");
  * Live Discovery: Initiate a new scan
  *
  * @remarks
- * Initiate a scan to look for a currently unobserved service at a specific IP and port (`ip:port`) or hostname and port (`hostname:port`). This is equivalent to the [Live Discovery](https://docs.censys.com/docs/platform-threat-hunting-use-live-scan-and-rescan-to-validate-infrastructure#/) feature available in the UI, but you can also target web properties in addition to hosts.<br><br>The scan may take several minutes to complete. The response will contain a scan ID that you can use to [monitor the scan's status](https://docs.censys.com/reference/v3-threathunting-scans-get#/). After the scan completes, perform a lookup on the target asset to retrieve detailed scan information.<br><br>This endpoint is available to organizations that have access to the Threat Hunting module. It costs 15 credits to execute this endpoint.
+ * Initiate a scan to look for a currently unobserved service at a specific IP and port (`ip:port`) or hostname and port (`hostname:port`). This is equivalent to the [Live Discovery](https://docs.censys.com/docs/platform-threat-hunting-use-live-scan-and-rescan-to-validate-infrastructure#/) feature available in the UI, but you can also target web properties in addition to hosts.<br><br>The scan may take several minutes to complete. The response will contain a scan ID that you can use to [monitor the scan's status](https://docs.censys.com/reference/v3-threathunting-scans-get#/). After the scan completes, perform a lookup on the target asset to retrieve detailed scan information.<br><br>This endpoint is available to organizations that have access to the Adversary Investigation module. It costs 15 credits to execute this endpoint.
  */
 function threatHuntingCreateTrackedScan(client, request, options) {
     return new async_js_1.APIPromise($do(client, request, options));

package/funcs/threatHuntingGetCenseyeJob.d.ts

@@ -12,7 +12,7 @@ import { Result } from "../types/fp.js";
  * CensEye: Get job status
  *
  * @remarks
- * Retrieve the current status of a CensEye pivot analysis job. Use this to poll for completion before fetching results.<br><br>To use this endpoint, your organization must have access to the Threat Hunting module.
+ * Retrieve the current status of a CensEye pivot analysis job. Use this to poll for completion before fetching results.<br><br>To use this endpoint, your organization must have access to the Adversary Investigation module.
  */
 export declare function threatHuntingGetCenseyeJob(client: SDKCore, request: operations.V3ThreathuntingCenseyeJobsGetRequest, options?: RequestOptions): APIPromise<Result<operations.V3ThreathuntingCenseyeJobsGetResponse, errors.AuthenticationError | errors.ErrorModel | SDKBaseError | ResponseValidationError | ConnectionError | RequestAbortedError | RequestTimeoutError | InvalidRequestError | UnexpectedClientError | SDKValidationError>>;
 //# sourceMappingURL=threatHuntingGetCenseyeJob.d.ts.map

package/funcs/threatHuntingGetCenseyeJob.js

@@ -50,7 +50,7 @@ const async_js_1 = require("../types/async.js");
  * CensEye: Get job status
  *
  * @remarks
- * Retrieve the current status of a CensEye pivot analysis job. Use this to poll for completion before fetching results.<br><br>To use this endpoint, your organization must have access to the Threat Hunting module.
+ * Retrieve the current status of a CensEye pivot analysis job. Use this to poll for completion before fetching results.<br><br>To use this endpoint, your organization must have access to the Adversary Investigation module.
  */
 function threatHuntingGetCenseyeJob(client, request, options) {
     return new async_js_1.APIPromise($do(client, request, options));

package/funcs/threatHuntingGetCenseyeJobResults.d.ts

@@ -12,7 +12,7 @@ import { Result } from "../types/fp.js";
  * CensEye: Get job results
  *
  * @remarks
- * Retrieve the results of a completed CensEye pivot analysis job. Each result contains a count and the field-value pairs that were analyzed. Results may be empty if the job is still running.<br><br>Results are paginated. Use the `next_page_token` from the response to fetch subsequent pages.<br><br>To use this endpoint, your organization must have access to the Threat Hunting module.
+ * Retrieve the results of a completed CensEye pivot analysis job. Each result contains a count and the field-value pairs that were analyzed. Results may be empty if the job is still running.<br><br>Results are paginated. Use the `next_page_token` from the response to fetch subsequent pages.<br><br>To use this endpoint, your organization must have access to the Adversary Investigation module.
  */
 export declare function threatHuntingGetCenseyeJobResults(client: SDKCore, request: operations.V3ThreathuntingCenseyeJobResultsRequest, options?: RequestOptions): APIPromise<Result<operations.V3ThreathuntingCenseyeJobResultsResponse, errors.AuthenticationError | errors.ErrorModel | SDKBaseError | ResponseValidationError | ConnectionError | RequestAbortedError | RequestTimeoutError | InvalidRequestError | UnexpectedClientError | SDKValidationError>>;
 //# sourceMappingURL=threatHuntingGetCenseyeJobResults.d.ts.map

package/funcs/threatHuntingGetCenseyeJobResults.js

@@ -50,7 +50,7 @@ const async_js_1 = require("../types/async.js");
  * CensEye: Get job results
  *
  * @remarks
- * Retrieve the results of a completed CensEye pivot analysis job. Each result contains a count and the field-value pairs that were analyzed. Results may be empty if the job is still running.<br><br>Results are paginated. Use the `next_page_token` from the response to fetch subsequent pages.<br><br>To use this endpoint, your organization must have access to the Threat Hunting module.
+ * Retrieve the results of a completed CensEye pivot analysis job. Each result contains a count and the field-value pairs that were analyzed. Results may be empty if the job is still running.<br><br>Results are paginated. Use the `next_page_token` from the response to fetch subsequent pages.<br><br>To use this endpoint, your organization must have access to the Adversary Investigation module.
  */
 function threatHuntingGetCenseyeJobResults(client, request, options) {
     return new async_js_1.APIPromise($do(client, request, options));

package/funcs/threatHuntingGetHostObservationsWithCertificate.d.ts

@@ -12,7 +12,7 @@ import { Result } from "../types/fp.js";
  * Get host history for a certificate
  *
  * @remarks
- * Retrieve the historical observations of hosts associated with a certificate. This is useful for threat hunting, detection engineering, and timeline generation. Certificate history is also visible to Threat Hunting users in the Platform UI on the [certificate timeline](https://docs.censys.com/docs/platform-threat-hunting-use-cert-history-to-build-better-detections#/).<br><br>You can define a specific time frame of interest. If you do not specify a time frame, this endpoint will search the historical dataset that is available to your account. You may also filter results by port and transport protocol.<br><br>This endpoint is available to organizations that have access to the Threat Hunting module. It costs 5 credits per page of results.
+ * Retrieve the historical observations of hosts associated with a certificate. This is useful for threat hunting, detection engineering, and timeline generation. Certificate history is also visible to Adversary Investigation users in the Platform UI on the [certificate timeline](https://docs.censys.com/docs/platform-threat-hunting-use-cert-history-to-build-better-detections#/).<br><br>You can define a specific time frame of interest. If you do not specify a time frame, this endpoint will search the historical dataset that is available to your account. You may also filter results by port and transport protocol.<br><br>This endpoint is available to organizations that have access to the Adversary Investigation module. It costs 5 credits per page of results.
  */
 export declare function threatHuntingGetHostObservationsWithCertificate(client: SDKCore, request: operations.V3ThreathuntingGetHostObservationsWithCertificateRequest, options?: RequestOptions): APIPromise<Result<operations.V3ThreathuntingGetHostObservationsWithCertificateResponse, errors.AuthenticationError | errors.ErrorModel | SDKBaseError | ResponseValidationError | ConnectionError | RequestAbortedError | RequestTimeoutError | InvalidRequestError | UnexpectedClientError | SDKValidationError>>;
 //# sourceMappingURL=threatHuntingGetHostObservationsWithCertificate.d.ts.map

package/funcs/threatHuntingGetHostObservationsWithCertificate.js

@@ -50,7 +50,7 @@ const async_js_1 = require("../types/async.js");
  * Get host history for a certificate
  *
  * @remarks
- * Retrieve the historical observations of hosts associated with a certificate. This is useful for threat hunting, detection engineering, and timeline generation. Certificate history is also visible to Threat Hunting users in the Platform UI on the [certificate timeline](https://docs.censys.com/docs/platform-threat-hunting-use-cert-history-to-build-better-detections#/).<br><br>You can define a specific time frame of interest. If you do not specify a time frame, this endpoint will search the historical dataset that is available to your account. You may also filter results by port and transport protocol.<br><br>This endpoint is available to organizations that have access to the Threat Hunting module. It costs 5 credits per page of results.
+ * Retrieve the historical observations of hosts associated with a certificate. This is useful for threat hunting, detection engineering, and timeline generation. Certificate history is also visible to Adversary Investigation users in the Platform UI on the [certificate timeline](https://docs.censys.com/docs/platform-threat-hunting-use-cert-history-to-build-better-detections#/).<br><br>You can define a specific time frame of interest. If you do not specify a time frame, this endpoint will search the historical dataset that is available to your account. You may also filter results by port and transport protocol.<br><br>This endpoint is available to organizations that have access to the Adversary Investigation module. It costs 5 credits per page of results.
  */
 function threatHuntingGetHostObservationsWithCertificate(client, request, options) {
     return new async_js_1.APIPromise($do(client, request, options));

package/funcs/threatHuntingListThreats.d.ts

@@ -12,7 +12,7 @@ import { Result } from "../types/fp.js";
  * List active threats
  *
  * @remarks
- * Retrieve a list of active threats observed by Censys by aggregating threat IDs across hosts and web properties. Threats are active if their fingerprint has been identified on hosts or web properties by Censys scans. This information is also available on the [Explore Threats page in the Platform web UI](https://platform.censys.io/threats).<br><br>This endpoint is available to organizations that have access to the Threat Hunting module.
+ * Retrieve a list of active threats observed by Censys by aggregating threat IDs across hosts and web properties. Threats are active if their fingerprint has been identified on hosts or web properties by Censys scans. This information is also available on the [Explore Threats page in the Platform web UI](https://platform.censys.io/threats).<br><br>This endpoint is available to organizations that have access to the Adversary Investigation module.
  */
 export declare function threatHuntingListThreats(client: SDKCore, request: operations.V3ThreathuntingThreatsListRequest, options?: RequestOptions): APIPromise<Result<operations.V3ThreathuntingThreatsListResponse, errors.AuthenticationError | errors.ErrorModel | SDKBaseError | ResponseValidationError | ConnectionError | RequestAbortedError | RequestTimeoutError | InvalidRequestError | UnexpectedClientError | SDKValidationError>>;
 //# sourceMappingURL=threatHuntingListThreats.d.ts.map

package/funcs/threatHuntingListThreats.js

@@ -50,7 +50,7 @@ const async_js_1 = require("../types/async.js");
  * List active threats
  *
  * @remarks
- * Retrieve a list of active threats observed by Censys by aggregating threat IDs across hosts and web properties. Threats are active if their fingerprint has been identified on hosts or web properties by Censys scans. This information is also available on the [Explore Threats page in the Platform web UI](https://platform.censys.io/threats).<br><br>This endpoint is available to organizations that have access to the Threat Hunting module.
+ * Retrieve a list of active threats observed by Censys by aggregating threat IDs across hosts and web properties. Threats are active if their fingerprint has been identified on hosts or web properties by Censys scans. This information is also available on the [Explore Threats page in the Platform web UI](https://platform.censys.io/threats).<br><br>This endpoint is available to organizations that have access to the Adversary Investigation module.
  */
 function threatHuntingListThreats(client, request, options) {
     return new async_js_1.APIPromise($do(client, request, options));

package/funcs/threatHuntingValueCounts.d.ts

@@ -12,7 +12,7 @@ import { Result } from "../types/fp.js";
  * CensEye: Retrieve value counts to discover pivots
  *
  * @remarks
- * Get counts of web assets for specific field-value pairs and combinations of field-value pairs. This is similar to the [CensEye functionality](https://docs.censys.com/docs/platform-threat-hunting-use-censeye-to-build-detections#/) available in the Platform web UI, but it allows you to define specific fields of interest rather than the [default fields](https://docs.censys.com/docs/platform-threat-hunting-use-censeye-to-build-detections#default-pivot-fields) leveraged by the tool in the UI.<br><br>Each array can only target fields within the same nested object and may contain at most 5 field-value pairs. For example, you can combine `host.services.port=80` and `host.services.protocol=SSH` in the same array, but you cannot combine `host.services.port=80` and `host.location.country="United States"` in the same array. You can input multiple arrays of objects in each API call.<br><br>To use this endpoint, your organization must have access to the Threat Hunting Module. This endpoint costs 1 credit per count condition (array of objects) included in the API call.
+ * Get counts of web assets for specific field-value pairs and combinations of field-value pairs. This is similar to the [CensEye functionality](https://docs.censys.com/docs/platform-threat-hunting-use-censeye-to-build-detections#/) available in the Platform web UI, but it allows you to define specific fields of interest rather than the [default fields](https://docs.censys.com/docs/platform-threat-hunting-use-censeye-to-build-detections#default-pivot-fields) leveraged by the tool in the UI.<br><br>Each array can only target fields within the same nested object and may contain at most 5 field-value pairs. For example, you can combine `host.services.port=80` and `host.services.protocol=SSH` in the same array, but you cannot combine `host.services.port=80` and `host.location.country="United States"` in the same array. You can input multiple arrays of objects in each API call.<br><br>To use this endpoint, your organization must have access to the Adversary Investigation module. This endpoint costs 1 credit per count condition (array of objects) included in the API call.
  */
 export declare function threatHuntingValueCounts(client: SDKCore, request: operations.V3ThreathuntingValueCountsRequest, options?: RequestOptions): APIPromise<Result<operations.V3ThreathuntingValueCountsResponse, errors.AuthenticationError | errors.ErrorModel | SDKBaseError | ResponseValidationError | ConnectionError | RequestAbortedError | RequestTimeoutError | InvalidRequestError | UnexpectedClientError | SDKValidationError>>;
 //# sourceMappingURL=threatHuntingValueCounts.d.ts.map

package/funcs/threatHuntingValueCounts.js

@@ -50,7 +50,7 @@ const async_js_1 = require("../types/async.js");
  * CensEye: Retrieve value counts to discover pivots
  *
  * @remarks
- * Get counts of web assets for specific field-value pairs and combinations of field-value pairs. This is similar to the [CensEye functionality](https://docs.censys.com/docs/platform-threat-hunting-use-censeye-to-build-detections#/) available in the Platform web UI, but it allows you to define specific fields of interest rather than the [default fields](https://docs.censys.com/docs/platform-threat-hunting-use-censeye-to-build-detections#default-pivot-fields) leveraged by the tool in the UI.<br><br>Each array can only target fields within the same nested object and may contain at most 5 field-value pairs. For example, you can combine `host.services.port=80` and `host.services.protocol=SSH` in the same array, but you cannot combine `host.services.port=80` and `host.location.country="United States"` in the same array. You can input multiple arrays of objects in each API call.<br><br>To use this endpoint, your organization must have access to the Threat Hunting Module. This endpoint costs 1 credit per count condition (array of objects) included in the API call.
+ * Get counts of web assets for specific field-value pairs and combinations of field-value pairs. This is similar to the [CensEye functionality](https://docs.censys.com/docs/platform-threat-hunting-use-censeye-to-build-detections#/) available in the Platform web UI, but it allows you to define specific fields of interest rather than the [default fields](https://docs.censys.com/docs/platform-threat-hunting-use-censeye-to-build-detections#default-pivot-fields) leveraged by the tool in the UI.<br><br>Each array can only target fields within the same nested object and may contain at most 5 field-value pairs. For example, you can combine `host.services.port=80` and `host.services.protocol=SSH` in the same array, but you cannot combine `host.services.port=80` and `host.location.country="United States"` in the same array. You can input multiple arrays of objects in each API call.<br><br>To use this endpoint, your organization must have access to the Adversary Investigation module. This endpoint costs 1 credit per count condition (array of objects) included in the API call.
  */
 function threatHuntingValueCounts(client, request, options) {
     return new async_js_1.APIPromise($do(client, request, options));

package/jsr.json

@@ -2,7 +2,7 @@
 
 {
   "name": "@censys/platform-sdk",
-  "version": "0.10.3",
+  "version": "0.10.4",
   "exports": {
     ".": "./src/index.ts",    
     "./models/errors": "./src/models/errors/index.ts",    

package/lib/config.d.ts

@@ -34,9 +34,9 @@ export type SDKOptions = {
 export declare function serverURLFromOptions(options: SDKOptions): URL | null;
 export declare const SDK_METADATA: {
     readonly language: "typescript";
-    readonly openapiDocVersion: "1.0.88";
-    readonly sdkVersion: "0.10.3";
+    readonly openapiDocVersion: "1.0.89";
+    readonly sdkVersion: "0.10.4";
     readonly genVersion: "2.879.1";
-    readonly userAgent: "speakeasy-sdk/typescript 0.10.3 2.879.1 1.0.88 @censys/platform-sdk";
+    readonly userAgent: "speakeasy-sdk/typescript 0.10.4 2.879.1 1.0.89 @censys/platform-sdk";
 };
 //# sourceMappingURL=config.d.ts.map

package/lib/config.js

@@ -30,9 +30,9 @@ function serverURLFromOptions(options) {
 }
 exports.SDK_METADATA = {
     language: "typescript",
-    openapiDocVersion: "1.0.88",
-    sdkVersion: "0.10.3",
+    openapiDocVersion: "1.0.89",
+    sdkVersion: "0.10.4",
     genVersion: "2.879.1",
-    userAgent: "speakeasy-sdk/typescript 0.10.3 2.879.1 1.0.88 @censys/platform-sdk",
+    userAgent: "speakeasy-sdk/typescript 0.10.4 2.879.1 1.0.89 @censys/platform-sdk",
 };
 //# sourceMappingURL=config.js.map

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@censys/platform-sdk",
-  "version": "0.10.3",
+  "version": "0.10.4",
   "author": "Speakeasy",
   "main": "./index.js",
   "sideEffects": false,

package/sdk/adversaryinvestigation.d.ts

@@ -0,0 +1,54 @@
+import { ClientSDK, RequestOptions } from "../lib/sdks.js";
+import * as operations from "../models/operations/index.js";
+export declare class AdversaryInvestigation extends ClientSDK {
+    /**
+     * CensEye: Create a pivot analysis job
+     *
+     * @remarks
+     * Create an asynchronous CensEye pivot analysis job for a host, web property, or certificate. The job extracts default pivot fields from the target asset and counts matching documents for each field-value pair. Poll the job status endpoint to track progress, then retrieve results when complete.<br><br>To use this endpoint, your organization must have access to the Adversary Investigation module.
+     */
+    createCenseyeJob(request: operations.V3ThreathuntingCenseyeJobsCreateRequest, options?: RequestOptions): Promise<operations.V3ThreathuntingCenseyeJobsCreateResponse>;
+    /**
+     * CensEye: Get job status
+     *
+     * @remarks
+     * Retrieve the current status of a CensEye pivot analysis job. Use this to poll for completion before fetching results.<br><br>To use this endpoint, your organization must have access to the Adversary Investigation module.
+     */
+    getCenseyeJob(request: operations.V3ThreathuntingCenseyeJobsGetRequest, options?: RequestOptions): Promise<operations.V3ThreathuntingCenseyeJobsGetResponse>;
+    /**
+     * CensEye: Get job results
+     *
+     * @remarks
+     * Retrieve the results of a completed CensEye pivot analysis job. Each result contains a count and the field-value pairs that were analyzed. Results may be empty if the job is still running.<br><br>Results are paginated. Use the `next_page_token` from the response to fetch subsequent pages.<br><br>To use this endpoint, your organization must have access to the Adversary Investigation module.
+     */
+    getCenseyeJobResults(request: operations.V3ThreathuntingCenseyeJobResultsRequest, options?: RequestOptions): Promise<operations.V3ThreathuntingCenseyeJobResultsResponse>;
+    /**
+     * Get host history for a certificate
+     *
+     * @remarks
+     * Retrieve the historical observations of hosts associated with a certificate. This is useful for threat hunting, detection engineering, and timeline generation. Certificate history is also visible to Adversary Investigation users in the Platform UI on the [certificate timeline](https://docs.censys.com/docs/platform-threat-hunting-use-cert-history-to-build-better-detections#/).<br><br>You can define a specific time frame of interest. If you do not specify a time frame, this endpoint will search the historical dataset that is available to your account. You may also filter results by port and transport protocol.<br><br>This endpoint is available to organizations that have access to the Adversary Investigation module. It costs 5 credits per page of results.
+     */
+    getHostObservationsWithCertificate(request: operations.V3ThreathuntingGetHostObservationsWithCertificateRequest, options?: RequestOptions): Promise<operations.V3ThreathuntingGetHostObservationsWithCertificateResponse>;
+    /**
+     * Live Discovery: Initiate a new scan
+     *
+     * @remarks
+     * Initiate a scan to look for a currently unobserved service at a specific IP and port (`ip:port`) or hostname and port (`hostname:port`). This is equivalent to the [Live Discovery](https://docs.censys.com/docs/platform-threat-hunting-use-live-scan-and-rescan-to-validate-infrastructure#/) feature available in the UI, but you can also target web properties in addition to hosts.<br><br>The scan may take several minutes to complete. The response will contain a scan ID that you can use to [monitor the scan's status](https://docs.censys.com/reference/v3-threathunting-scans-get#/). After the scan completes, perform a lookup on the target asset to retrieve detailed scan information.<br><br>This endpoint is available to organizations that have access to the Adversary Investigation module. It costs 15 credits to execute this endpoint.
+     */
+    createTrackedScan(request: operations.V3ThreathuntingScansDiscoveryRequest, options?: RequestOptions): Promise<operations.V3ThreathuntingScansDiscoveryResponse>;
+    /**
+     * List active threats
+     *
+     * @remarks
+     * Retrieve a list of active threats observed by Censys by aggregating threat IDs across hosts and web properties. Threats are active if their fingerprint has been identified on hosts or web properties by Censys scans. This information is also available on the [Explore Threats page in the Platform web UI](https://platform.censys.io/threats).<br><br>This endpoint is available to organizations that have access to the Adversary Investigation module.
+     */
+    listThreats(request: operations.V3ThreathuntingThreatsListRequest, options?: RequestOptions): Promise<operations.V3ThreathuntingThreatsListResponse>;
+    /**
+     * CensEye: Retrieve value counts to discover pivots
+     *
+     * @remarks
+     * Get counts of web assets for specific field-value pairs and combinations of field-value pairs. This is similar to the [CensEye functionality](https://docs.censys.com/docs/platform-threat-hunting-use-censeye-to-build-detections#/) available in the Platform web UI, but it allows you to define specific fields of interest rather than the [default fields](https://docs.censys.com/docs/platform-threat-hunting-use-censeye-to-build-detections#default-pivot-fields) leveraged by the tool in the UI.<br><br>Each array can only target fields within the same nested object and may contain at most 5 field-value pairs. For example, you can combine `host.services.port=80` and `host.services.protocol=SSH` in the same array, but you cannot combine `host.services.port=80` and `host.location.country="United States"` in the same array. You can input multiple arrays of objects in each API call.<br><br>To use this endpoint, your organization must have access to the Adversary Investigation module. This endpoint costs 1 credit per count condition (array of objects) included in the API call.
+     */
+    valueCounts(request: operations.V3ThreathuntingValueCountsRequest, options?: RequestOptions): Promise<operations.V3ThreathuntingValueCountsResponse>;
+}
+//# sourceMappingURL=adversaryinvestigation.d.ts.map

package/sdk/adversaryinvestigation.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"adversaryinvestigation.d.ts","sourceRoot":"","sources":["../src/sdk/adversaryinvestigation.ts"],"names":[],"mappings":"AAWA,OAAO,EAAE,SAAS,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAC3D,OAAO,KAAK,UAAU,MAAM,+BAA+B,CAAC;AAG5D,qBAAa,sBAAuB,SAAQ,SAAS;IACnD;;;;;OAKG;IACG,gBAAgB,CACpB,OAAO,EAAE,UAAU,CAAC,uCAAuC,EAC3D,OAAO,CAAC,EAAE,cAAc,GACvB,OAAO,CAAC,UAAU,CAAC,wCAAwC,CAAC;IAQ/D;;;;;OAKG;IACG,aAAa,CACjB,OAAO,EAAE,UAAU,CAAC,oCAAoC,EACxD,OAAO,CAAC,EAAE,cAAc,GACvB,OAAO,CAAC,UAAU,CAAC,qCAAqC,CAAC;IAQ5D;;;;;OAKG;IACG,oBAAoB,CACxB,OAAO,EAAE,UAAU,CAAC,uCAAuC,EAC3D,OAAO,CAAC,EAAE,cAAc,GACvB,OAAO,CAAC,UAAU,CAAC,wCAAwC,CAAC;IAQ/D;;;;;OAKG;IACG,kCAAkC,CACtC,OAAO,EACL,UAAU,CAAC,wDAAwD,EACrE,OAAO,CAAC,EAAE,cAAc,GACvB,OAAO,CACR,UAAU,CAAC,yDAAyD,CACrE;IAQD;;;;;OAKG;IACG,iBAAiB,CACrB,OAAO,EAAE,UAAU,CAAC,oCAAoC,EACxD,OAAO,CAAC,EAAE,cAAc,GACvB,OAAO,CAAC,UAAU,CAAC,qCAAqC,CAAC;IAQ5D;;;;;OAKG;IACG,WAAW,CACf,OAAO,EAAE,UAAU,CAAC,iCAAiC,EACrD,OAAO,CAAC,EAAE,cAAc,GACvB,OAAO,CAAC,UAAU,CAAC,kCAAkC,CAAC;IAQzD;;;;;OAKG;IACG,WAAW,CACf,OAAO,EAAE,UAAU,CAAC,iCAAiC,EACrD,OAAO,CAAC,EAAE,cAAc,GACvB,OAAO,CAAC,UAAU,CAAC,kCAAkC,CAAC;CAO1D"}

package/sdk/adversaryinvestigation.js

@@ -0,0 +1,82 @@
+"use strict";
+/*
+ * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AdversaryInvestigation = void 0;
+const threatHuntingCreateCenseyeJob_js_1 = require("../funcs/threatHuntingCreateCenseyeJob.js");
+const threatHuntingCreateTrackedScan_js_1 = require("../funcs/threatHuntingCreateTrackedScan.js");
+const threatHuntingGetCenseyeJob_js_1 = require("../funcs/threatHuntingGetCenseyeJob.js");
+const threatHuntingGetCenseyeJobResults_js_1 = require("../funcs/threatHuntingGetCenseyeJobResults.js");
+const threatHuntingGetHostObservationsWithCertificate_js_1 = require("../funcs/threatHuntingGetHostObservationsWithCertificate.js");
+const threatHuntingListThreats_js_1 = require("../funcs/threatHuntingListThreats.js");
+const threatHuntingValueCounts_js_1 = require("../funcs/threatHuntingValueCounts.js");
+const sdks_js_1 = require("../lib/sdks.js");
+const fp_js_1 = require("../types/fp.js");
+class AdversaryInvestigation extends sdks_js_1.ClientSDK {
+    /**
+     * CensEye: Create a pivot analysis job
+     *
+     * @remarks
+     * Create an asynchronous CensEye pivot analysis job for a host, web property, or certificate. The job extracts default pivot fields from the target asset and counts matching documents for each field-value pair. Poll the job status endpoint to track progress, then retrieve results when complete.<br><br>To use this endpoint, your organization must have access to the Adversary Investigation module.
+     */
+    async createCenseyeJob(request, options) {
+        return (0, fp_js_1.unwrapAsync)((0, threatHuntingCreateCenseyeJob_js_1.threatHuntingCreateCenseyeJob)(this, request, options));
+    }
+    /**
+     * CensEye: Get job status
+     *
+     * @remarks
+     * Retrieve the current status of a CensEye pivot analysis job. Use this to poll for completion before fetching results.<br><br>To use this endpoint, your organization must have access to the Adversary Investigation module.
+     */
+    async getCenseyeJob(request, options) {
+        return (0, fp_js_1.unwrapAsync)((0, threatHuntingGetCenseyeJob_js_1.threatHuntingGetCenseyeJob)(this, request, options));
+    }
+    /**
+     * CensEye: Get job results
+     *
+     * @remarks
+     * Retrieve the results of a completed CensEye pivot analysis job. Each result contains a count and the field-value pairs that were analyzed. Results may be empty if the job is still running.<br><br>Results are paginated. Use the `next_page_token` from the response to fetch subsequent pages.<br><br>To use this endpoint, your organization must have access to the Adversary Investigation module.
+     */
+    async getCenseyeJobResults(request, options) {
+        return (0, fp_js_1.unwrapAsync)((0, threatHuntingGetCenseyeJobResults_js_1.threatHuntingGetCenseyeJobResults)(this, request, options));
+    }
+    /**
+     * Get host history for a certificate
+     *
+     * @remarks
+     * Retrieve the historical observations of hosts associated with a certificate. This is useful for threat hunting, detection engineering, and timeline generation. Certificate history is also visible to Adversary Investigation users in the Platform UI on the [certificate timeline](https://docs.censys.com/docs/platform-threat-hunting-use-cert-history-to-build-better-detections#/).<br><br>You can define a specific time frame of interest. If you do not specify a time frame, this endpoint will search the historical dataset that is available to your account. You may also filter results by port and transport protocol.<br><br>This endpoint is available to organizations that have access to the Adversary Investigation module. It costs 5 credits per page of results.
+     */
+    async getHostObservationsWithCertificate(request, options) {
+        return (0, fp_js_1.unwrapAsync)((0, threatHuntingGetHostObservationsWithCertificate_js_1.threatHuntingGetHostObservationsWithCertificate)(this, request, options));
+    }
+    /**
+     * Live Discovery: Initiate a new scan
+     *
+     * @remarks
+     * Initiate a scan to look for a currently unobserved service at a specific IP and port (`ip:port`) or hostname and port (`hostname:port`). This is equivalent to the [Live Discovery](https://docs.censys.com/docs/platform-threat-hunting-use-live-scan-and-rescan-to-validate-infrastructure#/) feature available in the UI, but you can also target web properties in addition to hosts.<br><br>The scan may take several minutes to complete. The response will contain a scan ID that you can use to [monitor the scan's status](https://docs.censys.com/reference/v3-threathunting-scans-get#/). After the scan completes, perform a lookup on the target asset to retrieve detailed scan information.<br><br>This endpoint is available to organizations that have access to the Adversary Investigation module. It costs 15 credits to execute this endpoint.
+     */
+    async createTrackedScan(request, options) {
+        return (0, fp_js_1.unwrapAsync)((0, threatHuntingCreateTrackedScan_js_1.threatHuntingCreateTrackedScan)(this, request, options));
+    }
+    /**
+     * List active threats
+     *
+     * @remarks
+     * Retrieve a list of active threats observed by Censys by aggregating threat IDs across hosts and web properties. Threats are active if their fingerprint has been identified on hosts or web properties by Censys scans. This information is also available on the [Explore Threats page in the Platform web UI](https://platform.censys.io/threats).<br><br>This endpoint is available to organizations that have access to the Adversary Investigation module.
+     */
+    async listThreats(request, options) {
+        return (0, fp_js_1.unwrapAsync)((0, threatHuntingListThreats_js_1.threatHuntingListThreats)(this, request, options));
+    }
+    /**
+     * CensEye: Retrieve value counts to discover pivots
+     *
+     * @remarks
+     * Get counts of web assets for specific field-value pairs and combinations of field-value pairs. This is similar to the [CensEye functionality](https://docs.censys.com/docs/platform-threat-hunting-use-censeye-to-build-detections#/) available in the Platform web UI, but it allows you to define specific fields of interest rather than the [default fields](https://docs.censys.com/docs/platform-threat-hunting-use-censeye-to-build-detections#default-pivot-fields) leveraged by the tool in the UI.<br><br>Each array can only target fields within the same nested object and may contain at most 5 field-value pairs. For example, you can combine `host.services.port=80` and `host.services.protocol=SSH` in the same array, but you cannot combine `host.services.port=80` and `host.location.country="United States"` in the same array. You can input multiple arrays of objects in each API call.<br><br>To use this endpoint, your organization must have access to the Adversary Investigation module. This endpoint costs 1 credit per count condition (array of objects) included in the API call.
+     */
+    async valueCounts(request, options) {
+        return (0, fp_js_1.unwrapAsync)((0, threatHuntingValueCounts_js_1.threatHuntingValueCounts)(this, request, options));
+    }
+}
+exports.AdversaryInvestigation = AdversaryInvestigation;
+//# sourceMappingURL=adversaryinvestigation.js.map

package/sdk/adversaryinvestigation.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"adversaryinvestigation.js","sourceRoot":"","sources":["../src/sdk/adversaryinvestigation.ts"],"names":[],"mappings":";AAAA;;GAEG;;;AAEH,gGAA0F;AAC1F,kGAA4F;AAC5F,0FAAoF;AACpF,wGAAkG;AAClG,oIAA8H;AAC9H,sFAAgF;AAChF,sFAAgF;AAChF,4CAA2D;AAE3D,0CAA6C;AAE7C,MAAa,sBAAuB,SAAQ,mBAAS;IACnD;;;;;OAKG;IACH,KAAK,CAAC,gBAAgB,CACpB,OAA2D,EAC3D,OAAwB;QAExB,OAAO,IAAA,mBAAW,EAAC,IAAA,gEAA6B,EAC9C,IAAI,EACJ,OAAO,EACP,OAAO,CACR,CAAC,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,aAAa,CACjB,OAAwD,EACxD,OAAwB;QAExB,OAAO,IAAA,mBAAW,EAAC,IAAA,0DAA0B,EAC3C,IAAI,EACJ,OAAO,EACP,OAAO,CACR,CAAC,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,oBAAoB,CACxB,OAA2D,EAC3D,OAAwB;QAExB,OAAO,IAAA,mBAAW,EAAC,IAAA,wEAAiC,EAClD,IAAI,EACJ,OAAO,EACP,OAAO,CACR,CAAC,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,kCAAkC,CACtC,OACqE,EACrE,OAAwB;QAIxB,OAAO,IAAA,mBAAW,EAAC,IAAA,oGAA+C,EAChE,IAAI,EACJ,OAAO,EACP,OAAO,CACR,CAAC,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,iBAAiB,CACrB,OAAwD,EACxD,OAAwB;QAExB,OAAO,IAAA,mBAAW,EAAC,IAAA,kEAA8B,EAC/C,IAAI,EACJ,OAAO,EACP,OAAO,CACR,CAAC,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,WAAW,CACf,OAAqD,EACrD,OAAwB;QAExB,OAAO,IAAA,mBAAW,EAAC,IAAA,sDAAwB,EACzC,IAAI,EACJ,OAAO,EACP,OAAO,CACR,CAAC,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,WAAW,CACf,OAAqD,EACrD,OAAwB;QAExB,OAAO,IAAA,mBAAW,EAAC,IAAA,sDAAwB,EACzC,IAAI,EACJ,OAAO,EACP,OAAO,CACR,CAAC,CAAC;IACL,CAAC;CACF;AA1HD,wDA0HC"}

package/sdk/sdk.d.ts

@@ -1,5 +1,6 @@
 import { ClientSDK } from "../lib/sdks.js";
 import { AccountManagement } from "./accountmanagement.js";
+import { AdversaryInvestigation } from "./adversaryinvestigation.js";
 import { Collections } from "./collections.js";
 import { GlobalData } from "./globaldata.js";
 import { ThreatHunting } from "./threathunting.js";
@@ -12,5 +13,7 @@ export declare class SDK extends ClientSDK {
     get globalData(): GlobalData;
     private _threatHunting?;
     get threatHunting(): ThreatHunting;
+    private _adversaryInvestigation?;
+    get adversaryInvestigation(): AdversaryInvestigation;
 }
 //# sourceMappingURL=sdk.d.ts.map

package/sdk/sdk.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"sdk.d.ts","sourceRoot":"","sources":["../src/sdk/sdk.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAC3C,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAC3D,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC/C,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAC7C,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAEnD,qBAAa,GAAI,SAAQ,SAAS;IAChC,OAAO,CAAC,kBAAkB,CAAC,CAAoB;IAC/C,IAAI,iBAAiB,IAAI,iBAAiB,CAEzC;IAED,OAAO,CAAC,YAAY,CAAC,CAAc;IACnC,IAAI,WAAW,IAAI,WAAW,CAE7B;IAED,OAAO,CAAC,WAAW,CAAC,CAAa;IACjC,IAAI,UAAU,IAAI,UAAU,CAE3B;IAED,OAAO,CAAC,cAAc,CAAC,CAAgB;IACvC,IAAI,aAAa,IAAI,aAAa,CAEjC;CACF"}
+{"version":3,"file":"sdk.d.ts","sourceRoot":"","sources":["../src/sdk/sdk.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAC3C,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAC3D,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;AACrE,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC/C,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAC7C,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAEnD,qBAAa,GAAI,SAAQ,SAAS;IAChC,OAAO,CAAC,kBAAkB,CAAC,CAAoB;IAC/C,IAAI,iBAAiB,IAAI,iBAAiB,CAEzC;IAED,OAAO,CAAC,YAAY,CAAC,CAAc;IACnC,IAAI,WAAW,IAAI,WAAW,CAE7B;IAED,OAAO,CAAC,WAAW,CAAC,CAAa;IACjC,IAAI,UAAU,IAAI,UAAU,CAE3B;IAED,OAAO,CAAC,cAAc,CAAC,CAAgB;IACvC,IAAI,aAAa,IAAI,aAAa,CAEjC;IAED,OAAO,CAAC,uBAAuB,CAAC,CAAyB;IACzD,IAAI,sBAAsB,IAAI,sBAAsB,CAInD;CACF"}

package/sdk/sdk.js

@@ -6,6 +6,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.SDK = void 0;
 const sdks_js_1 = require("../lib/sdks.js");
 const accountmanagement_js_1 = require("./accountmanagement.js");
+const adversaryinvestigation_js_1 = require("./adversaryinvestigation.js");
 const collections_js_1 = require("./collections.js");
 const globaldata_js_1 = require("./globaldata.js");
 const threathunting_js_1 = require("./threathunting.js");
@@ -22,6 +23,9 @@ class SDK extends sdks_js_1.ClientSDK {
     get threatHunting() {
         return (this._threatHunting ?? (this._threatHunting = new threathunting_js_1.ThreatHunting(this._options)));
     }
+    get adversaryInvestigation() {
+        return (this._adversaryInvestigation ?? (this._adversaryInvestigation = new adversaryinvestigation_js_1.AdversaryInvestigation(this._options)));
+    }
 }
 exports.SDK = SDK;
 //# sourceMappingURL=sdk.js.map

package/sdk/sdk.js.map

@@ -1 +1 @@
-{"version":3,"file":"sdk.js","sourceRoot":"","sources":["../src/sdk/sdk.ts"],"names":[],"mappings":";AAAA;;GAEG;;;AAEH,4CAA2C;AAC3C,iEAA2D;AAC3D,qDAA+C;AAC/C,mDAA6C;AAC7C,yDAAmD;AAEnD,MAAa,GAAI,SAAQ,mBAAS;IAEhC,IAAI,iBAAiB;QACnB,OAAO,CAAC,IAAI,CAAC,kBAAkB,KAAvB,IAAI,CAAC,kBAAkB,GAAK,IAAI,wCAAiB,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAC,CAAC;IAC5E,CAAC;IAGD,IAAI,WAAW;QACb,OAAO,CAAC,IAAI,CAAC,YAAY,KAAjB,IAAI,CAAC,YAAY,GAAK,IAAI,4BAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAC,CAAC;IAChE,CAAC;IAGD,IAAI,UAAU;QACZ,OAAO,CAAC,IAAI,CAAC,WAAW,KAAhB,IAAI,CAAC,WAAW,GAAK,IAAI,0BAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAC,CAAC;IAC9D,CAAC;IAGD,IAAI,aAAa;QACf,OAAO,CAAC,IAAI,CAAC,cAAc,KAAnB,IAAI,CAAC,cAAc,GAAK,IAAI,gCAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAC,CAAC;IACpE,CAAC;CACF;AApBD,kBAoBC"}
+{"version":3,"file":"sdk.js","sourceRoot":"","sources":["../src/sdk/sdk.ts"],"names":[],"mappings":";AAAA;;GAEG;;;AAEH,4CAA2C;AAC3C,iEAA2D;AAC3D,2EAAqE;AACrE,qDAA+C;AAC/C,mDAA6C;AAC7C,yDAAmD;AAEnD,MAAa,GAAI,SAAQ,mBAAS;IAEhC,IAAI,iBAAiB;QACnB,OAAO,CAAC,IAAI,CAAC,kBAAkB,KAAvB,IAAI,CAAC,kBAAkB,GAAK,IAAI,wCAAiB,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAC,CAAC;IAC5E,CAAC;IAGD,IAAI,WAAW;QACb,OAAO,CAAC,IAAI,CAAC,YAAY,KAAjB,IAAI,CAAC,YAAY,GAAK,IAAI,4BAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAC,CAAC;IAChE,CAAC;IAGD,IAAI,UAAU;QACZ,OAAO,CAAC,IAAI,CAAC,WAAW,KAAhB,IAAI,CAAC,WAAW,GAAK,IAAI,0BAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAC,CAAC;IAC9D,CAAC;IAGD,IAAI,aAAa;QACf,OAAO,CAAC,IAAI,CAAC,cAAc,KAAnB,IAAI,CAAC,cAAc,GAAK,IAAI,gCAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAC,CAAC;IACpE,CAAC;IAGD,IAAI,sBAAsB;QACxB,OAAO,CAAC,IAAI,CAAC,uBAAuB,KAA5B,IAAI,CAAC,uBAAuB,GAAK,IAAI,kDAAsB,CACjE,IAAI,CAAC,QAAQ,CACd,EAAC,CAAC;IACL,CAAC;CACF;AA3BD,kBA2BC"}

package/sdk/threathunting.d.ts

@@ -5,35 +5,35 @@ export declare class ThreatHunting extends ClientSDK {
      * CensEye: Create a pivot analysis job
      *
      * @remarks
-     * Create an asynchronous CensEye pivot analysis job for a host, web property, or certificate. The job extracts [default pivot fields](https://docs.censys.com/docs/platform-threat-hunting-use-censeye-to-build-detections#default-pivot-fields) from the target asset and counts matching documents for each field-value pair. Poll the job status endpoint to track progress, then retrieve results when complete.<br><br>To use this endpoint, your organization must have access to the Threat Hunting module.<br><br>This endpoint costs 44 credits to execute for a host, 28 credits to execute for a web property, and 7 credits to execute for a certificate.
+     * Create an asynchronous CensEye pivot analysis job for a host, web property, or certificate. The job extracts default pivot fields from the target asset and counts matching documents for each field-value pair. Poll the job status endpoint to track progress, then retrieve results when complete.<br><br>To use this endpoint, your organization must have access to the Adversary Investigation module.
      */
     createCenseyeJob(request: operations.V3ThreathuntingCenseyeJobsCreateRequest, options?: RequestOptions): Promise<operations.V3ThreathuntingCenseyeJobsCreateResponse>;
     /**
      * CensEye: Get job status
      *
      * @remarks
-     * Retrieve the current status of a CensEye pivot analysis job. Use this to poll for completion before fetching results.<br><br>To use this endpoint, your organization must have access to the Threat Hunting module.
+     * Retrieve the current status of a CensEye pivot analysis job. Use this to poll for completion before fetching results.<br><br>To use this endpoint, your organization must have access to the Adversary Investigation module.
      */
     getCenseyeJob(request: operations.V3ThreathuntingCenseyeJobsGetRequest, options?: RequestOptions): Promise<operations.V3ThreathuntingCenseyeJobsGetResponse>;
     /**
      * CensEye: Get job results
      *
      * @remarks
-     * Retrieve the results of a completed CensEye pivot analysis job. Each result contains a count and the field-value pairs that were analyzed. Results may be empty if the job is still running.<br><br>Results are paginated. Use the `next_page_token` from the response to fetch subsequent pages.<br><br>To use this endpoint, your organization must have access to the Threat Hunting module.
+     * Retrieve the results of a completed CensEye pivot analysis job. Each result contains a count and the field-value pairs that were analyzed. Results may be empty if the job is still running.<br><br>Results are paginated. Use the `next_page_token` from the response to fetch subsequent pages.<br><br>To use this endpoint, your organization must have access to the Adversary Investigation module.
      */
     getCenseyeJobResults(request: operations.V3ThreathuntingCenseyeJobResultsRequest, options?: RequestOptions): Promise<operations.V3ThreathuntingCenseyeJobResultsResponse>;
     /**
      * Get host history for a certificate
      *
      * @remarks
-     * Retrieve the historical observations of hosts associated with a certificate. This is useful for threat hunting, detection engineering, and timeline generation. Certificate history is also visible to Threat Hunting users in the Platform UI on the [certificate timeline](https://docs.censys.com/docs/platform-threat-hunting-use-cert-history-to-build-better-detections#/).<br><br>You can define a specific time frame of interest. If you do not specify a time frame, this endpoint will search the historical dataset that is available to your account. You may also filter results by port and transport protocol.<br><br>This endpoint is available to organizations that have access to the Threat Hunting module. It costs 5 credits per page of results.
+     * Retrieve the historical observations of hosts associated with a certificate. This is useful for threat hunting, detection engineering, and timeline generation. Certificate history is also visible to Adversary Investigation users in the Platform UI on the [certificate timeline](https://docs.censys.com/docs/platform-threat-hunting-use-cert-history-to-build-better-detections#/).<br><br>You can define a specific time frame of interest. If you do not specify a time frame, this endpoint will search the historical dataset that is available to your account. You may also filter results by port and transport protocol.<br><br>This endpoint is available to organizations that have access to the Adversary Investigation module. It costs 5 credits per page of results.
      */
     getHostObservationsWithCertificate(request: operations.V3ThreathuntingGetHostObservationsWithCertificateRequest, options?: RequestOptions): Promise<operations.V3ThreathuntingGetHostObservationsWithCertificateResponse>;
     /**
      * Live Discovery: Initiate a new scan
      *
      * @remarks
-     * Initiate a scan to look for a currently unobserved service at a specific IP and port (`ip:port`) or hostname and port (`hostname:port`). This is equivalent to the [Live Discovery](https://docs.censys.com/docs/platform-threat-hunting-use-live-scan-and-rescan-to-validate-infrastructure#/) feature available in the UI, but you can also target web properties in addition to hosts.<br><br>The scan may take several minutes to complete. The response will contain a scan ID that you can use to [monitor the scan's status](https://docs.censys.com/reference/v3-threathunting-scans-get#/). After the scan completes, perform a lookup on the target asset to retrieve detailed scan information.<br><br>This endpoint is available to organizations that have access to the Threat Hunting module. It costs 15 credits to execute this endpoint.
+     * Initiate a scan to look for a currently unobserved service at a specific IP and port (`ip:port`) or hostname and port (`hostname:port`). This is equivalent to the [Live Discovery](https://docs.censys.com/docs/platform-threat-hunting-use-live-scan-and-rescan-to-validate-infrastructure#/) feature available in the UI, but you can also target web properties in addition to hosts.<br><br>The scan may take several minutes to complete. The response will contain a scan ID that you can use to [monitor the scan's status](https://docs.censys.com/reference/v3-threathunting-scans-get#/). After the scan completes, perform a lookup on the target asset to retrieve detailed scan information.<br><br>This endpoint is available to organizations that have access to the Adversary Investigation module. It costs 15 credits to execute this endpoint.
      */
     createTrackedScan(request: operations.V3ThreathuntingScansDiscoveryRequest, options?: RequestOptions): Promise<operations.V3ThreathuntingScansDiscoveryResponse>;
     /**
@@ -47,14 +47,14 @@ export declare class ThreatHunting extends ClientSDK {
      * List active threats
      *
      * @remarks
-     * Retrieve a list of active threats observed by Censys by aggregating threat IDs across hosts and web properties. Threats are active if their fingerprint has been identified on hosts or web properties by Censys scans. This information is also available on the [Explore Threats page in the Platform web UI](https://platform.censys.io/threats).<br><br>This endpoint is available to organizations that have access to the Threat Hunting module.
+     * Retrieve a list of active threats observed by Censys by aggregating threat IDs across hosts and web properties. Threats are active if their fingerprint has been identified on hosts or web properties by Censys scans. This information is also available on the [Explore Threats page in the Platform web UI](https://platform.censys.io/threats).<br><br>This endpoint is available to organizations that have access to the Adversary Investigation module.
      */
     listThreats(request: operations.V3ThreathuntingThreatsListRequest, options?: RequestOptions): Promise<operations.V3ThreathuntingThreatsListResponse>;
     /**
      * CensEye: Retrieve value counts to discover pivots
      *
      * @remarks
-     * Get counts of web assets for specific field-value pairs and combinations of field-value pairs. This is similar to the [CensEye functionality](https://docs.censys.com/docs/platform-threat-hunting-use-censeye-to-build-detections#/) available in the Platform web UI, but it allows you to define specific fields of interest rather than the [default fields](https://docs.censys.com/docs/platform-threat-hunting-use-censeye-to-build-detections#default-pivot-fields) leveraged by the tool in the UI.<br><br>Each array can only target fields within the same nested object and may contain at most 5 field-value pairs. For example, you can combine `host.services.port=80` and `host.services.protocol=SSH` in the same array, but you cannot combine `host.services.port=80` and `host.location.country="United States"` in the same array. You can input multiple arrays of objects in each API call.<br><br>To use this endpoint, your organization must have access to the Threat Hunting Module. This endpoint costs 1 credit per count condition (array of objects) included in the API call.
+     * Get counts of web assets for specific field-value pairs and combinations of field-value pairs. This is similar to the [CensEye functionality](https://docs.censys.com/docs/platform-threat-hunting-use-censeye-to-build-detections#/) available in the Platform web UI, but it allows you to define specific fields of interest rather than the [default fields](https://docs.censys.com/docs/platform-threat-hunting-use-censeye-to-build-detections#default-pivot-fields) leveraged by the tool in the UI.<br><br>Each array can only target fields within the same nested object and may contain at most 5 field-value pairs. For example, you can combine `host.services.port=80` and `host.services.protocol=SSH` in the same array, but you cannot combine `host.services.port=80` and `host.location.country="United States"` in the same array. You can input multiple arrays of objects in each API call.<br><br>To use this endpoint, your organization must have access to the Adversary Investigation module. This endpoint costs 1 credit per count condition (array of objects) included in the API call.
      */
     valueCounts(request: operations.V3ThreathuntingValueCountsRequest, options?: RequestOptions): Promise<operations.V3ThreathuntingValueCountsResponse>;
 }