The VirusTotal Scan URL action iterates over the selected scope
entities, and initiates a request to VirusTotal for each entity whose type is
URL. When finished, the action enriches the URL entities with a VirusTotal
report and also posts the result on the Case Wall.
An is_risky value is exposed so that you can add further
conditions to the playbook for high-risk URLs.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-06-12 UTC."],[[["The VirusTotal Scan URL action scans multiple URLs within a selected scope."],["Each URL is analyzed individually by VirusTotal, initiated through a request."],["After scanning, URL entities are enriched with a detailed VirusTotal report."],["The action posts the scan results to the case wall for easy access and review."],["An `is_risky` value is provided, enabling you to define more conditions in the playbook for dangerous URLs."]]],[]]
