Skip to main content

Block URL - Generic v2

This Playbook is part of the Common Playbooks Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.5.0 and later.

This playbook blocks malicious URLs using all integrations that are enabled.

Supported integrations for this playbook:

  • Palo Alto Networks PAN-OS
  • Zscaler
  • Sophos
  • Forcepoint
  • Checkpoint
  • Netcraft

Dependencies#

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks#

  • PAN-OS - Block URL - Custom URL Category
  • Sophos Firewall - Block URL
  • Checkpoint - Block URL

Integrations#

  • Zscaler
  • Netcraft
  • Forcepoint

Scripts#

  • IsIntegrationAvailable
  • SetAndHandleEmpty

Commands#

  • fp-add-address-to-category
  • netcraft-report-attack
  • zscaler-blacklist-url
  • setIndicator

Playbook Inputs#


NameDescriptionDefault ValueRequired
URLArray of malicious URLs to block.Optional
LogForwardingLog Forwarding object name.Optional
AutoCommitThis input establishes whether to commit the configuration automatically.
Yes - Commit automatically.
No - Commit manually.
NoOptional
CustomURLCategoryCustom URL Category name.XSOAR Remediation - Malicious URLsOptional
typeCustom URL category type. Insert "URL List"/ "Category Match".Optional
TagDevice group for the Custom URL Category (Panorama instances).Optional
categoriesThe list of categories. Relevant from PAN-OS v9.x.Optional
UserVerificationPossible values:True/False. Default:True.
Specify if User Verification is Requrired
TrueOptional
EDLServerIPEDL Server IP AddressOptional

Playbook Outputs#


There are no outputs for this playbook.

Playbook Image#


Block URL - Generic v2