Skip to main content
All CollectionsTemplatesBasic
AlienVault URL Enrichment with Cache - Workflow Template
AlienVault URL Enrichment with Cache - Workflow Template

Nested workflow that will take a URL as input and query AlienVault's General and URL List for details and return analysis information.

Updated over a week ago

This Torq workflow template, *AlienVault URL Enrichment with Cache*, automates the process of analyzing and enriching URLs with threat intelligence. It queries AlienVault's General and URL List for details and cross-references findings against a cache to avoid duplicative lookups. The workflow provides actionable insights by identifying potential malicious findings, malware families, and Mitre Attack TTPs. Businesses can leverage this for enhancing security operations and threat intelligence enrichment, ensuring quick identification and response to URL-based threats.

Use Cases

Threat Intelligence Enrichment

Workflow Breakdown

  1. Provide URL and integration information to the nested workflow

  2. Check if the URL has been enriched and is found in the cache, if found return results.

  3. Query AlienVault for the URL in the General and URL List information

  4. Parse the analysis for malicious findings, malware families and Mitre Attack TTPs

  5. Return the information to the parent workflow

Vendors

Utils, AlienVault OTX, Torq

Workflow Output

Analysis information from AlienVault for the URL

Did this answer your question?