alphaMountain.ai 2.0.0
App Vendor: alphaMountain
App Category: Data Enrichment & Threat Intelligence
Connector Version: 2.0.0
API Version: 1.0.0
About App
The alphaMountain.ai app allows security teams to enrich URLs by connecting with alphaMountain.ai, revealing critical insights such as threat scores, impersonation scores, and URL categories.
The alphaMountain.ai app is configured with Cyware Orchestrate to perform the following actions:
Action Name | Description |
|---|---|
Get URI/URL Categories | This action retrieves the categories for the given URI/URL. |
Get URI/URL Impersonations | This action retrieves the impersonation domains for the given URI/URL. |
Get URI/URL Threat Score | This action retrieves the threat score for a given URL/URI. |
Generic Action | This is a generic action used to make requests to any alphamountain.ai endpoint. |
Configuration Parameters
The following configuration parameters are required for the alphaMountain.ai app to communicate with the alphaMountain.ai enterprise application. The parameters can be configured by creating instances in the app.
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
API Key | Enter the API key to authenticate with alphamountain.ai. | Password | Required | |
API Version | Enter the API version. Example: 1 | Text | Optional | Default value: 1 |
Verify | Choose your preference to verify SSL or TLS while making requests. It is recommended to set this option to yes. Passing no may result in incorrectly establishing the connection. | Boolean | Optional | By default, verification is enabled. |
Timeout | Enter the timeout value in seconds. This is the number of seconds that requests will wait to establish a connection with alphaMountain.ai. | Integer | Optional | Allowed range: 15-120 Default value: 15 |
Action: Get URI/URL Categories
This action retrieves the categories for the given URI/URL.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
URI | Enter the URI/URL to retrieve the categories. Example: https://www.example.com | Text | Required |
Example Request
[
{
"url": "https://www.example.com"
}
]Action: Get URI/URL Impersonations
This action retrieves the impersonation domains for the given URI/URL. It identifies domains likely crafted to mimic the given URI, considering popularity and relevance. This is particularly useful for detecting potential phishing attempts, cyber-squatting, or typo-squatted domains.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
URI | Enter the URI/URL to retrieve the impersonation domains. Example: https://www.example.com | Text | Required | |
Limit | Enter the maximum number of impersonation domains to retrieve. | Integer | Optional | Maximum allowed value: 20 |
Example Request
[
{
"url": "https://www.example.com"
}
]Action: Get URI/URL Threat Score
This action retrieves the threat score for a given URL/URI.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
URI | Enter the URI/URL to retrieve the threat score. Example: https://www.example.com | Text | Required | |
Scan Depth | Enter the level of thoroughness for the real-time lookup. | Text | Optional | Allowed values: none, low, medium, high |
Example Request
[
{
"url": "https://www.example.com",
"scan_depth": "medium"
}
]Action: Generic Action
This is a generic action used to make requests to any alphamountain.ai endpoint.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Method | Enter the HTTP method to make the request. | Text | Required | Allowed values: GET, PUT, POST, DELETE |
Endpoint | Enter the endpoint to make the request to. Example: impersonate/uri | Text | Required | |
Query Params | Enter the query parameters to pass to the API. | Key Value | Optional | |
Payload | Enter the payload to pass to the API. | Any | Optional | |
Extra Fields | Enter the extra fields to pass to the API. | Key Value | Optional | Allowed keys: payload_json, download, files, filename, retry_wait, retry_count, custom_output, response_type |
Example Request
[
{
"method": "POST",
"payload": {
"uri": "https://sampledomain.com",
"license": "664856c1-730e-4889-8ecc-732291a8e435",
"type": "partner.info",
"version": 1,
"scan_depth": "low"
},
"endpoint": "/threat/uri/",
"extra_fields": {},
"query_params": {}
}
]