This workflow template enables automated analysis of multiple URLs for potential security threats. Upon receipt of a list of URLs, it scans each one using URLScan to identify recent scans or submits a new scan if none are available. It consolidates the findings into a summary that includes indicators of malicious activity, potential phishing, an overall URLScan rating, and if available, a screenshot for each URL assessed. This empowers organizations with proactive Threat Intelligence Enrichment, enhancing their ability to recognize and react to cyber threats efficiently.
Use Cases
Threat Intelligence Enrichment
Workflow Breakdown
Receive an array of URLs from the parent workflow
Escape the URL and search URLScan for a recent scan. If no results are found submit the URL.
Collect the results from the scan or search
Provide details on each URL if malicious, phishing and the URLScan score. Provide a screenshot if available.
Vendors
Utils, urlscan.io
Workflow Output
Summary of the URLScan output.