Integrate Picnic superpowers into your cybersecurity operations and shift toward predictive prevention.


Picnic works outside your perimeter to identify, analyze, and remediate human risk, reducing the human attack surface with proactive remediations that make social engineering more difficult and expensive for threat actors. Our work continuously produces risk indicators you can ingest via REST API to supercharge existing cybersecurity controls and power new ones.

Picnic offers two REST APIs to fuel a human-centric cybersecurity strategy: a Human Risk API and a Compromised Credential API.

Human Risk API

Enrich your existing user metadata with individual user risk scores and exposure information without ingesting exposed PII.
While you can access individual risk scores and exposure information by logging into the Picnic dashboard and via frequent reports delivered by the Picnic team, a REST API enables the seamless operationalization of that human risk data without ingesting exposed PII. Integrating Picnic intelligence into your IdP, IAM, EDR, SIEM, SOAR, Email Security, and Cyber Awareness Training platforms via API enables a human-centric cybersecurity strategy. Picnic API supercharges your cybersecurity.
Picnic Human Risk API enables you to:
For API documentation, visit the Picnic Developer Portal
Picnic Dev Portal

API Sample Data

Sample Content
Identifiers like name and work email, general indicators of coverage like the number and type of monitored email addresses, physical addresses and phone numbers.
John Doe, [email protected], 3 Work Emails, 2 Personal Emails, 4 Addresses, 2 Cell Phone Numbers
Overall social engineering risk scores by quintile and benchmark scores relative to peers.
Overall Risk High, Accessibility Risk Moderate, Value Risk Critical, Peer Benchmark Higher, Peer Benchmark 67%
Individual risk by social engineering threat, including Corporate Email Spear Phishing, Password Cracking, Credential Stuffing, etc.
Identity Theft Critical, Password Cracking High, Credential Stuffing Moderate
Lower-level metrics created by picnic that inform risk calculations like “exposed personal cell phone”, “has privileged technical access” and “has additional employment”.
Exposed cell phone number TRUE, exposed home address TRUE, privileged technical access TRUE, LinkedIn Account TRUE, Insider Threat Risk TRUE
Aggregate exposed beach content and exposure within individual breaches, such as the total count of breaches, the most recent breach date, count of exposed cleartext passwords, the number of accounts tracked, type of accounts tracked and the exposed content type(s) per individual breach.
Total Breaches 31, Last breach 5/21/21, Exposed Cleartext Passwords 12, Breach 1 Name, Breach 1 Description, Breach 1 Exposed Data Categories, Breach 1 Date…
Password metadata including the number of unique passwords, the number of ciphertext passwords and the aggregate password strength/sophistication. Exposed passwords are available via Picnic’s compromised credential API.
Unique Cleartext Passwords 7, Unique Ciphertext Passwords 11, Last Unique Password Exposure 11/12/20, Password Strength 58

Compromised Credential API

Automatically and continuously protects your organization against compromised credential reuse.
Most employees reuse passwords from past jobs and personal accounts within their current work environment. Most do not know if their credentials were exposed in a breach, and threat actors can exploit this blind spot in your organization to conduct credential-stuffing attacks. Social engineers do not need much to connect the dots between work and personal identities. In fact, the 2024 X-Factor Threat Intelligence Index by IBM reported an increase of 71% yearly in the volume of attacks using valid credentials.
Picnic Compromised Credential API enables you to:

How it works

Get started today

Move beyond the corporate perimeter to reduce human risk and proactively safeguard against cyber threats with zero effort.

Scroll to Top