Document toolboxDocument toolbox

CheckPhish AI

Owned by Jonas Gonzalez
Last updated: Nov 29, 2024
2 min read
[ 1 Connect CheckPhish AI with Devo SOAR ] [ 2 Actions for CheckPhish AI ] [ 2.1 Submit URL for Scan ] [ 2.1.1 Input Field ] [ 2.1.2 Output ] [ 3 Release Notes ]

CheckPhish uses deep learning, computer vision, and NLP to mimic how a person would look at, understand, and draw a verdict on a suspicious website.

Connect CheckPhish AI with Devo SOAR

  1. Navigate to Automations > Integrations.

  2. Search for CheckPhish AI.

  3. Click Details, then the + icon. Enter the required information in the following fields.

  4. Label: Enter a connection name.

  5. Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.

  6. Verify SSL: Select option to verify connecting server's SSL certificate (Default is Verify SSL Certificate).

  7. Remote Agent: Run this integration using the Devo SOAR Remote Agent.

  8. API Token: Token required for authentication with CheckPhish AI APIs.

  9. After you've entered all the details, click Connect.

Actions for CheckPhish AI

Submit URL for Scan

Use this action to submit the URL for the scan.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Input Name

Description

Required

URL

Jinja-template text containing URL.

 

Example: {{url_column}}.

Required

 

Output

A JSON object containing multiple rows of result:

``` {json}{ "jobID":"fcd10412-4ea2-4fe0-9e6b-2c5380d1d3c0", "timestamp":1627994223039, "error":null, "has_error":false }

## Check Scan Status Use this action to check the scan status. ### Input Field Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection. | Input Name | Description | Required | | : -------- | : -------- | : -------- | | Job ID | Jinja-templated text containing Job ID. Example: {{job_id_column}}. | Required | | Insights | Please select insights. (Default value is True). | Required | ### Output A JSON object containing multiple rows of result: ``` {json}{ "screenshot_path":"https://bst-prod-screenshots.s3-us-west-2.amazonaws.com/20210803/7636050a132a770ebb1407a64f7476617a185b442a19cb82915474ff977ff1a9.png", "url":"http://https/", "disposition":"clean", "insights":"https://checkphish.ai/insights/url/1627972283169/7636050a132a770ebb1407a64f7476617a185b442a19cb82915474ff977ff1a9", "job_id":"b3f39327-9fc9-436f-a6e9-62bff35881e7", "brand":"unknown", "has_error":false, "error":null, "resolved":false, "status":"DONE", "url_sha256":"7636050a132a770ebb1407a64f7476617a185b442a19cb82915474ff977ff1a9" }

Release Notes

  • v2.0.0 - Updated architecture to support IO via filesystem