Skip to main content
All CollectionsTemplatesBasic
VirusTotal URL Enrichment with Cache - Workflow Template
VirusTotal URL Enrichment with Cache - Workflow Template

Nested workflow that will take a URL as input and query VirusTotal for details and return analysis information on the URL.

Updated over 6 months ago

This Torq workflow template automates the process of URL threat intelligence enrichment using VirusTotal. It accepts a URL as an input, checks for existing analysis results in a cache, and if not present, queries VirusTotal for current details. The workflow parses the VirusTotal analysis for malicious, phishing, and suspicious indicators, and returns this information to the parent workflow. Ideal for teams requiring quick threat context for URLs without manual lookup, enhancing threat detection and security automation.

Use Cases

Threat Intelligence Enrichment

Workflow Breakdown

  1. Provide URL and integration information to the nested workflow

  2. Check if the URL has been enriched and is found in the cache, if found return results.

  3. Query VirusTotal for the URL, if not found submit URL for analysis

  4. Parse the analysis for malicious, phishing and suspicious findings

  5. Return the analysis information to the parent workflow.

Vendors

Utils, VirusTotal, Torq

Workflow Output

Analysis information from VirusTotal for the URL

Did this answer your question?