In part 1 of our Automating abuse inbox management and phishing response video series, we introduced the key concepts of Tines and built a basic Story. Here, in part two of this series, we go deep and add a lot of capability to our Story. Including:
Attachment analysis in VirusTotal
Real-time detonation of attachments in Hybrid Analysis
Analysis of URLs in URLScan.io
Collection of user responses with the Tines “Prompt Widget”
Shown below are the before and after diagrams:
Phishing Diagram Before and After
Download and import the Part 2 Story file here.
*Please note we recently updated our terminology. Our "agents" are now known as "Actions," but some visuals might not reflect this.*
References:
URLScan.io: https://urlscan.io/
URLScan.io API Docs: https://urlscan.io/about-api/
Hybrid Analysis: https://www.hybrid-analysis.com/
Hybrid Analysis API Docs: https://www.hybrid-analysis.com/docs/api/v2
Virustotal file submission: https://www.virustotal.com/en/documentation/public-api/#scanning-files
Tines Docs – Working with files: https://docs.tines.io/tines_agents_working_with_files.html
Tines Docs – Prompt widget: https://docs.tines.io/tines_agents_widgets.html