Skip to main content
All CollectionsTemplatesBasic
URLScan URL Enrichment with Cache - Workflow Template
URLScan URL Enrichment with Cache - Workflow Template

Receive a URL to analyze with URLScan and provide a summary of the URL with malicious, phishing, score and screenshot details if available.

Updated over a week ago

This workflow template automates the assessment of URLs for security threats by leveraging URLScan. Upon receiving a URL, the workflow handles the URL escape process, searches for existing scans on URLScan, and submits the URL for scanning if necessary. The final output includes a detailed analysis of the URL, reporting on malicious or phishing characteristics along with the URLScan score. A screenshot URL will also be provided if accessible. This enables organizations to enhance their threat intelligence through rapid identification and analysis of potentially harmful URLs.

Use Cases

Threat Intelligence Enrichment

Workflow Breakdown

  1. Receive a URL from the parent workflow along with the required integrations

  2. Escape the URL and search URLScan for a recent scan. If no results are found submit the URL.

  3. Collect the results from the scan or search

  4. Provide the details on the observable if it was found to be malicious, phishing, and the URLScan score. Provide a screenshot URL if available.

Vendors

Utils, urlscan.io, Torq

Workflow Output

Summary of the URLScan output

Did this answer your question?