FortiSOAR Knowledge Base
FortiSOAR: Security Orchestration and Response software provides innovative case management, automation, and orchestration. It pulls together all of an organization's tools, helps unify operations, and reduce alert fatigue, context switching, and the mean time to respond to incidents.
Article Id 230006

This article describes how users may prevent the URLs from appearing publicly on's website by keeping the Private mode of artifact submission checked in FortiSOAR's integration.

Scope FortiSOAR users integrating's API for enrichment must review this advisory.

FortiSOAR users are strongly encouraged to evaluate their URL enrichment settings.

FortiSOAR integration supports both public and private ways of artifact submission. Use the Private mode to use the integration for enriching URLs containing sensitive information.

It is strongly advised to update to integration version 1.1.2 where Private enrichment mode is enabled by default.


Upgrading Connector to v1.1.2.


1) On FortiSOAR, select the Manage tab.

2) Select the connector card.

3) Select the button Update to v1.1.2. Wait for the installation to complete.


Enabling Private Mode Without Upgrading.


1) In FortiSOAR, open Automation -> Playbooks.

2) Select Sample - - 1.x.x playbook collection to open it.

For users on SOAR Framework Solution Pack version earlier than v2.0.0, select 03 - Enrich collection to open it.

3) Select to open Submit URL playbook.

4) Double-click to open the Submit URL playbook step.

5) Select the checkbox to enable Private Scan.

6) Select the Save button to apply and save the changes.


The connector now uses Private mode to submit links for enrichment.