{"product_id":"automate-network-security-weekly-shodan-ip-report-workflow","title":"Automate Network Security: Weekly Shodan IP Report Workflow","description":"\u003ch3\u003eEnhance Your Network Security with Weekly Shodan IP Report Workflow\u003c\/h3\u003e\n\u003cp\u003eEvery Monday at 5:00 AM, safeguard your digital infrastructure with our Automate Network Security: Weekly Shodan IP Report Workflow. This comprehensive n8n workflow meticulously monitors your network by examining IP addresses and their associated ports, ensuring anything unexpected is promptly identified and addressed.\u003c\/p\u003e\n\n\u003ch3\u003eWhat this workflow does\u003c\/h3\u003e\n\u003cul\u003e\n  \u003cli\u003eInitiates every Monday at 5:00 AM to monitor and assess network security.\u003c\/li\u003e\n  \u003cli\u003eFetches a list of watched IP addresses and expected ports through an HTTP request.\u003c\/li\u003e\n  \u003cli\u003eSequentially processes each IP by sending a GET request to Shodan, the premier search engine for internet-connected devices, to gather detailed information.\u003c\/li\u003e\n  \u003cli\u003eExtracts and converts Shodan's response into an array containing data on all ports for the IP.\u003c\/li\u003e\n  \u003cli\u003eUtilizes a filter node to compare Shodan's ports with expected ports, retaining unexpected ones for detailed inspection.\u003c\/li\u003e\n  \u003cli\u003eCompiles data for unexpected ports including IP, hostnames from Shodan, port number, service description, and detailed Shodan data like HTTP status, date, time, and headers.\u003c\/li\u003e\n  \u003cli\u003eFormats this collected data into an HTML table and converts it into Markdown format.\u003c\/li\u003e\n  \u003cli\u003eGenerates an alert in TheHive, a security incident response platform, detailing unexpected ports per IP with a Markdown table and medium severity note.\u003c\/li\u003e\n\u003c\/ul\u003e\n\n\u003ch3\u003eUse cases\u003c\/h3\u003e\n\u003cul\u003e\n  \u003cli\u003eNetwork administrators seeking automated monitoring for unexpected open ports that may pose security risks.\u003c\/li\u003e\n  \u003cli\u003eSaaS operators aiming to maintain robust security compliance by regularly auditing network ports against known standards.\u003c\/li\u003e\n  \u003cli\u003eAutomation engineers looking to integrate security alerts into existing workflows for timely incident response.\u003c\/li\u003e\n\u003c\/ul\u003e\n\n\u003ch3\u003eTechnical details\u003c\/h3\u003e\n\u003cul\u003e\n  \u003cli\u003eNodes used: Set, HTML, Filter, The Hive, Markdown, Item Lists.\u003c\/li\u003e\n  \u003cli\u003eStarts with an HTTP request for IP addresses.\u003c\/li\u003e\n  \u003cli\u003eInteracts with Shodan for detailed port data.\u003c\/li\u003e\n  \u003cli\u003eFormats data into HTML and Markdown for alert generation.\u003c\/li\u003e\n\u003c\/ul\u003e","brand":"N8N Commerce","offers":[{"title":"Default Title","offer_id":45614134296755,"sku":"N8N-1977","price":45.99,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0749\/6279\/6723\/files\/LLD7VaaVcjyDUDqH7MYz7_17f4f6fe26d646d3afcc860dd5ef05cd.jpg?v=1782761284","url":"https:\/\/buyflowscripts.com\/products\/automate-network-security-weekly-shodan-ip-report-workflow","provider":"N8N Commerce","version":"1.0","type":"link"}