WebsiteTest Drive

Shodan

Shodan is a Threat Intelligence (TI) integration. TI Data Source integrations are used during investigations to improve analysis and in interactive chat to help answer questions. They are optional, but enabling more tooling integrations enhances Dropzone analysis.

The Dropzone platform integrates with Shodan, a search engine for devices on the internet. Dropzone can use it for identifying IP device characteristics such hosting ownership, open ports, or known vulnerabilities.

Create an API Key

Shodan requires an API key to enable.

To obtain an API key, do the following:

If you do not already have a corporate Shodan account, create one and become a member:

Next, retrieve your API key

Click on "Developer" in the menu bar

  • Click on "Show API Key" located in the far top right corner

Show API Key

  • Record the API Key shown for use later in the Dropzone UI where it is called "API key"

Enable Shodan

To enable the Data Source integration, do the following:

  • Navigate to your Dropzone AI tenant home page e.g. https://mycompany.dropzone.app

  • In the bottom left hand corner, click Settings > Integrations

Integrations Dropdown

  • Click "Available"

Click Available

  • In the Search bar, search Shodan, then click "Configure"

The Shodan Data Tile

  • Input the API Key

  • Click "Test & Save" to finish

The Shodan Data Source Configuration

If you have any errors engage your Dropzone AI support representative.

PreviousPhishTankNextTShark

Last updated

Was this helpful?