Submit URL to Malware Analytics
Out of Box
Response Workflow
This workflow submits a URL to Cisco Secure Malware Analytics for analysis. Supported observable: url
Change Log
| Date | Notes |
|---|---|
| Jun 23, 2020 | - Initial release |
| Sep 10, 2021 | - Updated to use the new system atomics |
See the Important Notes page for more information about updating workflows
Requirements
- The following system atomics are used by this workflow:
- Secure Malware Analytics - Submit URL
- The following atomic actions must be imported before you can import this workflow:
- None
- The targets and account keys listed at the bottom of the page
- Cisco Secure Malware Analytics
Workflow Steps
- Fetch any necessary global variables
- Make sure the observable is supported
- Submit the URL provided as the observable to Secure Malware Analytics
Configuration
- Provide the workflow your Secure Malware Analytics API token by either:
- Storing your token in a global variable and using the
Fetch Global Variablesgroup at the beginning of the workflow to update theSecure Malware Analytics API Keylocal variable; or - Remove the
Fetch Global Variablesgroup and add your token directly to theSecure Malware Analytics API Keylocal variable
- Storing your token in a global variable and using the
- If you want to change the name of this workflow in the pivot menu, change its display name
Targets
Target Group: Default TargetGroup
| Target Name | Type | Details | Account Keys | Notes |
|---|---|---|---|---|
| ThreatGrid_Target | HTTP Endpoint | Protocol: HTTPSHost: panacea.threatgrid.comPath: None | None | Created by default |