Why D3 Smart SOAR is the Best SOAR for Zscaler

D3 Security’s Smart SOAR (security orchestration, automation, and response) is an advanced platform designed to harmonize a variety of security tools and streamline incident response workflows. Zscaler, a renowned provider of cloud-based information security, offers services that protect organizations from cyber threats. This article describes how integrating Zscaler with Smart SOAR enables functionalities such as automated URL management, sandbox analysis, and comprehensive category management.

The Advantages of Zscaler Integration in Smart SOAR

Automated URL Management

The integration of Smart SOAR with Zscaler greatly simplifies the task of managing URLs. By using commands such as “Add URL To Blacklist,” “Add URL To Whitelist,” “Remove URL From Blacklist,” and “Remove URL From Whitelist,” security teams can automatically add or remove URLs from their blacklist or whitelist. This automation significantly reduces the time spent managing URLs and enhances the organization’s protection against malicious web content.


Smart SOAR playbook for Zscaler


Sandbox Analysis

When suspicious files are detected, Smart SOAR can automatically send them to Zscaler for sandbox analysis using the “Upload File to Sandbox” command. The subsequent sandbox report, obtainable with the “Get Sandbox Report” command, provides detailed insights into the file’s behavior, helping analysts determine its potential threat level.

Comprehensive Category Management

Smart SOAR’s integration with Zscaler also simplifies the process of managing URL categories. Security teams can use the “List All Categories” command to get an overview of all existing categories. The “Get URL Category” and “Add URL to Category” commands further streamline category management by allowing analysts to add URLs to specific categories and retrieve the categories of given URLs, respectively.


Smart SOAR playbook for Zscaler


Effective Allow and Deny List Retrieval

The “Get Blacklist” and “Get Whitelist” commands provide an easy way for security teams to retrieve their complete blacklist and whitelist. This capability simplifies the review and management of these critical security assets, ensuring that all entries are up-to-date and valid.


The integration of Smart SOAR with Zscaler is a powerful way to boost your organization’s network security, streamline operations, and ensure the consistent application of security policies across all integrated tools. By automating URL management, facilitating sandbox analysis, and providing centralized visibility into category management, organizations can transform disjointed tools into a unified ecosystem that works together to minimize the impact of individual security incidents.

Social Icon
Pierre Noujeim

Pierre Noujeim is a Product Marketing Manager with a cyber security engineering background. Having implemented SOAR at enterprise organizations as well as for D3's MSSP partners, Pierre has rich and varied insight into integrations, use cases and the cyber security vendor landscape. A dedicated product marketer, Pierre represents D3 at analyst briefings, webinar workshops and industry conferences such as RSA and Black Hat.