The "Slack Mention to Analyze Suspicious URLs and IPs with VirusTotal" workflow template is designed to automate security checks in response to Slack events. Upon triggering by the keyword "analyze" in a Slack mention, it scans for IP addresses and URLs within the message, checks them against VirusTotal, and shares the findings back in the Slack thread, streamlining the process to quickly identify potential threats.
Trigger
Slack
Use Cases
Security Bots
Workflow Breakdown
Respond to a mention event from Slack with the keyword "analyze"
Filter for IPs and URLs from the event
Scan IPs if provided in the event and send the results
Scan URLs if provided in the event and send the results
Send message at the end of the workflow
Vendors
Slack, Utils, VirusTotal
Workflow Output
Updates via Slack
Tips
Results will be provided to the originator and original Slack thread