Skip to main content
All CollectionsTemplatesBasic
Recorded Future - URL Enrichment with Cache - Workflow Template
Recorded Future - URL Enrichment with Cache - Workflow Template

Receive an URL from a parent workflow and query Recorded Future for its reputation.

Updated over a week ago

This Torq workflow template is designed for threat intelligence and security teams to efficiently assess the trustworthiness of a URL. Once triggered, the workflow checks a global cache to determine if the URL’s reputation has been recently analyzed. If cached data exists, it immediately provides the saved information to the requester. When no prior data is found, it conducts a fresh reputation analysis via Recorded Future, summarizes the findings, and caches the results locally for future inquiries. This streamlines threat intelligence processes by reducing repetitive queries and ensuring that the most current information is readily available.

Optional Triggers

"This workflows is intended to be used as a function."

Use Cases

Function, Threat Intelligence Enrichment

Workflow Breakdown

  1. Trigger the workflow and provide an URL.

  2. Lookup global variables to see if URL's reputation has been saved in the past 24 hours.

  3. If reputation is found on local cache, the saved data is returned to the parent workflow.

  4. When no reputation is found cached, a summary of the analysis data is created and saved with the original api data.

Vendors

Utils, Recorded Future, Torq

Workflow Output

Returns full analysis data and a summary of the information.

Tips

Set \"Provide Raw Data Analysis\" to true or false to add or remove original vendor information to the output

Did this answer your question?