Skip to main content

Workflow Template: Shodan - Domain Enrichment with Cache

Receives a Domain from a parent workflow and query Shodan for enrichment.

Updated today

The "Shodan - Domain Enrichment with Cache" workflow template is designed to enhance threat intelligence by enriching domain data using Shodan. It efficiently checks a local cache for recent reputation data, reducing redundant queries and speeding up response times. If no cached data is found, it queries Shodan directly, providing comprehensive analysis and a summary. This workflow is ideal for organizations seeking to streamline domain reputation checks and enhance their threat intelligence capabilities.

Take Me to the Template

Optional Triggers

["This workflow is intended to be used as a function."]

Use Cases

Function , Threat Intelligence Enrichment

Workflow Breakdown

  1. Receives a Domain as input.

  2. Lookup global variables for cached responses in the past 24 hours.

  3. If reputation is found on local cache, the saved data is returned to the parent workflow.

  4. When no reputation is found in cache, a summary of the analysis data is created and saved with the original api data.

Vendors

Utils, Shodan, Torq

Workflow Output

Returns full analysis data and a summary of the information.

Tips

  • Set "Provide Raw Data Analysis" to true or false to add or remove original vendor information to the output.

Related Articles
Workflow Template: Recorded Future - Domain Enrichment with Cache
Workflow Template: Pangea - Domain Enrichment with Cache
Workflow Template: Pangea - Email Enrichment with Cache
Workflow Template: Silent Push - Domain Enrichment with Cache
Workflow Template: Shodan - IP Address Enrichment with Cache
Did this answer your question?