Note: There may be known issues pertaining to this Solution, please refer to them before installing.

The URLhaus solution for Microsoft Sentinel allows enriching incidents with additional information about file hashes, Hostname and URL using feeds and lists from URLhaus.Beside the APIs documented on URLhaus that serves various feeds and lists, abuse.ch also offers a dedicated API that allows to gather information on a specific URL, file hash or host from URLhaus through an automated way. It is also possible to retrieve a payload (malware sample) URLhaus has collected from malware URLs it tracks.

Custom Azure Logic Apps Connectors: 1, Playbooks: 3

Learn more about Microsoft Sentinel | Learn more about Solutions