Skip to main content
All CollectionsTemplatesBasic
AbuseIPDB IPv4 Address Enrichment with Cache - Workflow Template
AbuseIPDB IPv4 Address Enrichment with Cache - Workflow Template

Workflow that will take an IPv4 address as input and query AbuseIPDB for details about the address including the Abuse Confidence Score.

Updated over a week ago

The "AbuseIPDB IPv4 Address Enrichment with Cache" workflow template provides an automated process for threat intelligence enrichment. The workflow takes an IPv4 address as input, checks for existing enrichment data in a cache, and if not present, queries AbuseIPDB to gather intelligence such as the Abuse Confidence Score. Results are cached for future efficiency, streamlining the response strategy during identification and analysis of potential threats.

Take Me to the Template

Use Cases

Threat Intelligence Enrichment

Workflow Breakdown

  1. Provide an IPv4 and integration information to the nested workflow

  2. Check if the address has been enriched and is found in the cache, if found return results.

  3. Query AbuseIPDB for the IPv4 address

  4. Return the results to the parent workflow

Vendors

Utils, AbuseIPDB, Torq

Workflow Output

Analysis information from AbuseIPDB for the IPv4 Address

Related Articles
AlienVault URL Enrichment with Cache - Workflow Template
VirusTotal URL Enrichment with Cache - Workflow Template
VirusTotal File Hash Enrichment with Cache - Workflow Template
VirusTotal IPv4 Address Enrichment with Cache - Workflow Template
AlienVault IPv4 Address Enrichment with Cache - Workflow Template
Did this answer your question?