ZScaler Outbound Traffic Filtering
Description
Accepts a URL or list of URLs and block them in ZScaler. Generates a list of observables with the blocked URLs.
- Type: Response
- Product: Splunk SOAR
- Apps: Zscaler
- Last Updated: 2023-03-31
- Author: Patrick Bareiss, Splunk
- ID: 3e0df448-0546-4b2b-9143-365161cf40f9
- Use-cases:
- Phishing
- Endpoint
Associated Detections
How To Implement
This input playbook requires the ZScaler connector to be configured. It is designed to work in conjunction with the Dynamic URL Outbound Traffic Filtering Analysis playbook or other playbooks in the same style.
D3FEND
ID | Technique | Definition | Category |
---|---|---|---|
D3-OTF | Outbound Traffic Filtering | Restricting network traffic originating from any location. | Network Isolation |
Explore Playbook
Required field
Reference
source | version: 1