APIVoid SOAR Integration

This document details the tools provided by the APIVoid SOAR integration.

Tools

api_void_get_url_reputation

Get safety reputation and risk score of an URL

Parameters:

  • case_id (str, required): The ID of the case.

  • alert_group_identifiers (List[str], required): Identifiers for the alert groups.

  • threshold (str, required): URL risk threshold. The threshold must be a numeric value. e.g. 3

  • target_entities (List[TargetEntity], optional, default=[]): Optional list of specific target entities (Identifier, EntityType) to run the action on.

  • scope (str, optional, default=“All entities”): Defines the scope for the action.

api_void_get_screenshot

Capture a high-quality screenshot of any website or URL

Parameters:

  • case_id (str, required): The ID of the case.

  • alert_group_identifiers (List[str], required): Identifiers for the alert groups.

  • target_entities (List[TargetEntity], optional, default=[]): Optional list of specific target entities (Identifier, EntityType) to run the action on.

  • scope (str, optional, default=“All entities”): Defines the scope for the action.

api_void_ping

Test Connectivity

Parameters:

  • case_id (str, required): The ID of the case.

  • alert_group_identifiers (List[str], required): Identifiers for the alert groups.

  • target_entities (List[TargetEntity], optional, default=[]): Optional list of specific target entities (Identifier, EntityType) to run the action on.

  • scope (str, optional, default=“All entities”): Defines the scope for the action.

api_void_verify_email

Check if an email is disposable, if it has MX records and more

Parameters:

  • case_id (str, required): The ID of the case.

  • alert_group_identifiers (List[str], required): Identifiers for the alert groups.

  • threshold (str, required): Email risk threshold. The threshold must be a numeric value. e.g. 3

  • target_entities (List[TargetEntity], optional, default=[]): Optional list of specific target entities (Identifier, EntityType) to run the action on.

  • scope (str, optional, default=“All entities”): Defines the scope for the action.

api_void_get_domain_reputation

Check if a domain is blacklisted by popular and trusted domain blacklist services.

Parameters:

  • case_id (str, required): The ID of the case.

  • alert_group_identifiers (List[str], required): Identifiers for the alert groups.

  • threshold (str, required): Domain risk threshold. The threshold must be a numeric value. e.g. 3

  • create_insights (bool, required): Specify whether the action should create insights or not.

  • target_entities (List[TargetEntity], optional, default=[]): Optional list of specific target entities (Identifier, EntityType) to run the action on.

  • scope (str, optional, default=“All entities”): Defines the scope for the action.

api_void_get_ip_reputation

Detect potentially malicious IP addresses commonly used for spam, to attack websites or to commit fraudulent activities

Parameters:

  • case_id (str, required): The ID of the case.

  • alert_group_identifiers (List[str], required): Identifiers for the alert groups.

  • threshold (str, required): IP risk threshold. The threshold must be a numeric value. e.g. 3

  • create_insights (bool, required): Specify whether the action should create insights or not.

  • target_entities (List[TargetEntity], optional, default=[]): Optional list of specific target entities (Identifier, EntityType) to run the action on.

  • scope (str, optional, default=“All entities”): Defines the scope for the action.