URLVoid provides a service to analyze websites through multiple blacklist engines and online reputation tools to facilitate the detection of fraudulent and malicious websites. This service helps you identify websites involved in malware incidents, fraudulent activities, and phishing websites.
This document provides information about the URLVoid connector, which provides an interface to connect with the URLVoid server and facilitate automated interactions, with a URLVoid server using FortiSOAR™playbooks. Add the URLVoid connector as a step in FortiSOAR™playbooks and perform automated operations, such as scanning a website on the URLVoid server and retrieving the reputation of a website from URLVoid.
Connector Version: 1.1.0
Compatibility with FortiSOAR™Versions: 4.9.0.0-708 and later
Following enhancements have been made to the URLVoid Connector in version 1.1.0:
For the procedure to install a connector, click here.
For the procedure to configure a connector, click here.
In CyOPs™, on the Connectors page, select the URLVoid connector and click Configure to configure the following parameters:
Parameter | Description |
---|---|
Server URL | URL of the URLVoid server to which you will connect and perform the automated operations. |
API Key | API key that is configured for your account to access the URLVoid server. |
Identifier | Identifier of the user that is configured for your account to access the URLVoid server. |
Verify SSL | Specifies whether the SSL certificate for the server is to be verified or not. By default, this option is set as True . |
The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™release 4.10.0 onwards:
Function | Description | Annotation and Category |
---|---|---|
Get Website Reputation | Retrieves the score and other details for the specified website from the URLVoid server based on the website name you have specified. | domain_reputation Investigation |
Parameter | Description |
---|---|
Website Name | Name of the website for which you want to retrieve reputation information and other details from the URLVoid server. |
Rescan | If you select this option, i.e. set this option to True , then the website is rescanned every time this operation is run so that the latest information is retrieved from the URLVoid server.By default, this option is set as True . |
The JSON output contains the reputation with the score and other details of the specified website, retrieved from the URLVoid server, based on the website name you have specified.
Note: Safety reputation for a website is defined in the count
variable. If the safety reputation of a website is 0, then the count
variable is not shown in the output. 0
means that no data for that website is available with the configured URLVoid server.
Following image displays a sample output:
The Sample - URLVoid - 1.1.0
playbook collection comes bundled with the URLVoid connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™after importing the URLVoid connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection, since the sample playbook collection gets deleted during connector upgrade and delete.
URLVoid provides a service to analyze websites through multiple blacklist engines and online reputation tools to facilitate the detection of fraudulent and malicious websites. This service helps you identify websites involved in malware incidents, fraudulent activities, and phishing websites.
This document provides information about the URLVoid connector, which provides an interface to connect with the URLVoid server and facilitate automated interactions, with a URLVoid server using FortiSOAR™playbooks. Add the URLVoid connector as a step in FortiSOAR™playbooks and perform automated operations, such as scanning a website on the URLVoid server and retrieving the reputation of a website from URLVoid.
Connector Version: 1.1.0
Compatibility with FortiSOAR™Versions: 4.9.0.0-708 and later
Following enhancements have been made to the URLVoid Connector in version 1.1.0:
For the procedure to install a connector, click here.
For the procedure to configure a connector, click here.
In CyOPs™, on the Connectors page, select the URLVoid connector and click Configure to configure the following parameters:
Parameter | Description |
---|---|
Server URL | URL of the URLVoid server to which you will connect and perform the automated operations. |
API Key | API key that is configured for your account to access the URLVoid server. |
Identifier | Identifier of the user that is configured for your account to access the URLVoid server. |
Verify SSL | Specifies whether the SSL certificate for the server is to be verified or not. By default, this option is set as True . |
The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™release 4.10.0 onwards:
Function | Description | Annotation and Category |
---|---|---|
Get Website Reputation | Retrieves the score and other details for the specified website from the URLVoid server based on the website name you have specified. | domain_reputation Investigation |
Parameter | Description |
---|---|
Website Name | Name of the website for which you want to retrieve reputation information and other details from the URLVoid server. |
Rescan | If you select this option, i.e. set this option to True , then the website is rescanned every time this operation is run so that the latest information is retrieved from the URLVoid server.By default, this option is set as True . |
The JSON output contains the reputation with the score and other details of the specified website, retrieved from the URLVoid server, based on the website name you have specified.
Note: Safety reputation for a website is defined in the count
variable. If the safety reputation of a website is 0, then the count
variable is not shown in the output. 0
means that no data for that website is available with the configured URLVoid server.
Following image displays a sample output:
The Sample - URLVoid - 1.1.0
playbook collection comes bundled with the URLVoid connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™after importing the URLVoid connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection, since the sample playbook collection gets deleted during connector upgrade and delete.