FortiSOAR Discussions
agoel
Staff
Staff

Does FortiSOAR have any advisory related to sensitive URL appearing on the URLScan.io

On URLScan.io, some sensitive URLs to shared documents, password reset sites etc. were leaked recently. Is there any advisory for FortiSOAR users to verify their URLScan.io integration is safeguarded from the issue?

Abhinav Goel
1 Solution
ashukla
Staff
Staff

Yes. You can do one of two things:

 

  1. Manually enable the Private mode in FortiSOAR's URLScan.io integration, or
  2. Update the URLScan.io connector to the latest version - v1.1.2

The detailed steps are mentioned in this KB article.

 

https://community.fortinet.com/t5/FortiSOAR-Knowledge-Base/Technical-Tip-Prevent-sensitive-URLs-from...

 

For users with SOAR Framework Solution Pack earlier than v2.0.0, the playbook collection mentioned in the above article will be 03 - Enrich (Pluggable) -> Indicator (URL) - Get the latest reputation.

View solution in original post

1 REPLY 1
ashukla
Staff
Staff

Yes. You can do one of two things:

 

  1. Manually enable the Private mode in FortiSOAR's URLScan.io integration, or
  2. Update the URLScan.io connector to the latest version - v1.1.2

The detailed steps are mentioned in this KB article.

 

https://community.fortinet.com/t5/FortiSOAR-Knowledge-Base/Technical-Tip-Prevent-sensitive-URLs-from...

 

For users with SOAR Framework Solution Pack earlier than v2.0.0, the playbook collection mentioned in the above article will be 03 - Enrich (Pluggable) -> Indicator (URL) - Get the latest reputation.