Submit URL to Malware Analytics
Out of Box
Response Workflow
This workflow submits a URL to Cisco Secure Malware Analytics for analysis. Supported observable: url
Change Log
Date | Notes |
---|---|
Jun 23, 2020 | - Initial release |
Sep 10, 2021 | - Updated to use the new system atomics |
See the Important Notes page for more information about updating workflows
Requirements
- The following system atomics are used by this workflow:
- Secure Malware Analytics - Submit URL
- The following atomic actions must be imported before you can import this workflow:
- None
- The targets and account keys listed at the bottom of the page
- Cisco Secure Malware Analytics
Workflow Steps
- Fetch any necessary global variables
- Make sure the observable is supported
- Submit the URL provided as the observable to Secure Malware Analytics
Configuration
- Provide the workflow your Secure Malware Analytics API token by either:
- Storing your token in a global variable and using the
Fetch Global Variables
group at the beginning of the workflow to update theSecure Malware Analytics API Key
local variable; or - Remove the
Fetch Global Variables
group and add your token directly to theSecure Malware Analytics API Key
local variable
- Storing your token in a global variable and using the
- If you want to change the name of this workflow in the pivot menu, change its display name
Targets
Target Group: Default TargetGroup
Target Name | Type | Details | Account Keys | Notes |
---|---|---|---|---|
ThreatGrid_Target | HTTP Endpoint | Protocol: HTTPS Host: panacea.threatgrid.com Path: None | None | Created by default |