|
FortiSOAR users are strongly encouraged to evaluate their URL enrichment settings.
FortiSOAR URLScan.io integration supports both public and private ways of artifact submission. Use the Private mode to use the integration for enriching URLs containing sensitive information.
It is strongly advised to update to integration version 1.1.2 where Private enrichment mode is enabled by default.
Upgrading URLScan.io Connector to v1.1.2.
1) On FortiSOAR, select the Manage tab.
2) Select the URLScan.io connector card.
3) Select the button Update to v1.1.2. Wait for the installation to complete.
Enabling Private Mode Without Upgrading.
1) In FortiSOAR, open Automation -> Playbooks.
2) Select Sample - URLScan.io - 1.x.x playbook collection to open it.
For users on SOAR Framework Solution Pack version earlier than v2.0.0, select 03 - Enrich collection to open it.
3) Select to open Submit URL playbook.
4) Double-click to open the Submit URL playbook step.
5) Select the checkbox to enable Private Scan.
6) Select the Save button to apply and save the changes.
The URLScan.io connector now uses Private mode to submit links for enrichment.
|
