Does FortiSOAR have any advisory related to sensitive URL appearing on the URLScan.io

Forum|Forum|3 years ago
November 17, 2022
1 reply
1420 views

On URLScan.io, some sensitive URLs to shared documents, password reset sites etc. were leaked recently. Is there any advisory for FortiSOAR users to verify their URLScan.io integration is safeguarded from the issue?

Best answer by ashukla

Yes. You can do one of two things:

Manually enable the Private mode in FortiSOAR's URLScan.io integration, or
Update the URLScan.io connector to the latest version - v1.1.2

The detailed steps are mentioned in this KB article.

https://community.fortinet.com/t5/FortiSOAR-Knowledge-Base/Technical-Tip-Prevent-sensitive-URLs-from-appearing-on-URLScan/ta-p/230006

For users with SOAR Framework Solution Pack earlier than v2.0.0, the playbook collection mentioned in the above article will be 03 - Enrich (Pluggable) -> Indicator (URL) - Get the latest reputation.

ashuklaAnswer

Staff

Yes. You can do one of two things:

Manually enable the Private mode in FortiSOAR's URLScan.io integration, or
Update the URLScan.io connector to the latest version - v1.1.2

The detailed steps are mentioned in this KB article.

https://community.fortinet.com/t5/FortiSOAR-Knowledge-Base/Technical-Tip-Prevent-sensitive-URLs-from-appearing-on-URLScan/ta-p/230006

For users with SOAR Framework Solution Pack earlier than v2.0.0, the playbook collection mentioned in the above article will be 03 - Enrich (Pluggable) -> Indicator (URL) - Get the latest reputation.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded