API & Integrations - Human Risk Public API - Mar 2026

Service Update

Availability: March 31st, 2026
Product(s): API & Integrations, Human Risk Command Center
Who's affected: Human Risk Command Center customers

Overview

Mimecast is pleased to announce the Human Risk Public API release. This API delivers secure, programmatic access to Human Risk data - enabling customers to automate risk monitoring, integrate human risk insights into reporting and analytics tools, and respond to risky behaviors via automated security workflows.

Use Cases

  1. Executive Risk Scorecard: Pull monthly Human Risk and Attack Score trends directly into your own dashboards and reporting tools. Give leadership a live, branded view of your organization's security posture.
  2. Reporting and Integrating: Surface your riskiest individuals using powerful filters, by score, department, location or manager, and pipe that data directly into your existing security platforms. Whether you're feeding an incident response workflow, SIEM, or SOAR, you can enrich security events with individual risk context, build automated playbooks, and create triage queues without ever leaving the tools your team already works in.
  3. Department and Location Risk Heatmaps: Aggregate risk data by team or office to pinpoint exactly where to focus remediation efforts. Rank departments and locations by average Human Risk Score to drive targeted training and intervention campaigns.
  4. Personalized Manager Dashboards: Give managers a filtered view of their own team's risk exposure. By querying individuals by manager ID, you can build self-service portals that empower team leads to monitor and act on risk.

What's changing

API availability: The Human Risk Public API is now available in the Mimecast Administration Console, under Integrations | API and Platform Integrations | Mimecast API 2.0.

Summary:

  • The Human Risk Public API is available to all Human Risk Command Center customers free of charge.

  • There are 7 read-only endpoints, all prefixed with: human-risk/v1

  • Up to 5 applications per tenant (default).

  • Rate limit:

    • 120 requests per minute for all (20 requests).

    • 60 requests per minute for risk profile & search (10 requests).

  • Access up to 12 months of historical data.

  • OAuth 2.0 authentication; API token creation requires admin privileges and Human Risk Command Center (HRCC) Read permission.

  • The API is built on the Apigee 2.0 platform.

Recommended actions

Nothing needs to be done as a result of these changes.
