The Zscaler Action Bundle integration provides ThreatQ users with the ability to export FQDNs, URLs, and IP Addresses in a ThreatQ data collection to a Zscaler URL Category. Users can also enrich selected indicators with information from Zscaler as well as clear URLs.

The integration provides the following actions:

• Zscaler - Export URLs - adds the indicators in a data collection to a predefined Zscaler URL Category.
• Zscaler - Clear URL Category - clears a category of URLs in Zscaler.
• Zscaler - Get URL Categories - enriches FQDNs and URLs with information from Zscaler.

The actions are compatible with the following indicator types:

• FQDN
• IP Address
• URL

Note: This action is intended for use with ThreatQ TDR Orchestrator (TQO). An active TQO license is required for this feature.