Skip to main content

Workflow Template: Socrates Tool - Attach a Password-protected File to a Case

This workflow provides Socrates with the ability to download any file from an URL and attach it to a case as a password protected file.

Updated this week

The "Socrates Tool - Attach a Password-protected File to a Case" workflow template streamlines case management by automating the secure attachment of files to cases. It allows users to download content from a specified URL, encrypt it with a predefined password, and attach the resulting zip file to a case. This process enhances threat intelligence enrichment and threat hunting by ensuring sensitive files are securely managed and easily accessible within the case management system.

Take Me to the Template

Use Cases

Case Management , Threat Hunting , Threat Intelligence Enrichment

Workflow Breakdown

  1. Socrates will start this workflow by providing a Case ID and a URL.

  2. When Case ID is not provided, it defaults to the current case under investigation.

  3. The content of the URL is downloaded, and encrypted used a predefined password.

  4. Zip file is attached to the case.

Vendors

Utils, HTTP, Torq Cases

Related Articles
Workflow Template: Download a File from a SentinelOne Endpoint
Workflow Template: QuickAction - Fetch a File from Device on MS Defender Endpoint
Workflow Template: Analyze Attachment Files in Sandbox (QuickAction)
Workflow Template: QuickAction - Upload a File from a URL to a Case
Workflow Template: QuickAction - Fetch a File from Device on SentinelOne
Did this answer your question?