This Playbook is part of the Common Playbooks Pack.

Supported versions

Supported Cortex XSOAR versions: 6.5.0 and later.

This playbook blocks malicious URLs using all integrations that are enabled.

Supported integrations for this playbook:

  • Palo Alto Networks PAN-OS
  • Zscaler
  • Sophos
  • Forcepoint
  • Checkpoint
  • Netcraft


This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks

  • PAN-OS - Block URL - Custom URL Category
  • Sophos Firewall - Block URL
  • Checkpoint - Block URL

Integrations

  • Netcraft
  • Forcepoint
  • Zscaler

Scripts

  • IsIntegrationAvailable
  • SetAndHandleEmpty

Commands

  • fp-add-address-to-category
  • zscaler-blacklist-url
  • setIndicator
  • netcraft-report-attack

Playbook Inputs

| Name | Description | Default Value | Required |
| --- | --- | --- | --- |
| URL | Array of malicious URLs to block. | | Optional |
| LogForwarding | Log Forwarding object name. | | Optional |
| AutoCommit | This input establishes whether to commit the configuration automatically. Yes - Commit automatically. No - Commit manually. | | |
| CustomURLCategory | Custom URL Category name. | XSOAR Remediation - Malicious URLs | Optional |
| type | Custom URL category type. Insert "URL List" / "Category Match". | | Optional |
| categories | The list of categories. Relevant from PAN-OS v9.x. | | Optional |
| UserVerification | Possible values: True/False. Default: True. Specify if User Verification is Required. | | |
| EDLServerIP | EDL Server IP Address. | | Optional |
| device-group | Device group for the Custom URL Category (Panorama instances). | | Optional |

Playbook Outputs

There are no outputs for this playbook.

Playbook Image

Block URL - Generic v2