Happy Independence Day from all of us at the Connect IT Community! Our US offices will be closed on Monday, July 4th, 2022 in recognition of the holiday. Limited Support staff in the US will be on-call and available for critical Service(s) Down issues only. Normal Support operations in the US will resume on Tuesday, July 5th, 2022.

Audit or Monitor Shodan Results in Kaseya VSA

Pieter Jorritsma
Pieter Jorritsma Member DECAF
edited January 24 in Solutions

Product Name: Audit or Monitor Shodan Results in Kaseya VSA

Version: 1.1

Description : This procedure is getting the Shodan Results (vulnerabilities) of the Public IP address listen as 'Gateway Address' on the agent.

Kaseya Customer Value: Represents the Public IP-address to check with Shodan if there are vulnerabilities
End Value: Use the results to improve security by resolve the listed CVE's.

Why: You can monitor if you Public IP-Address is vulnerable

Requirement:
1) Custom Field 'Shodan' (Optional)
2) Require PowerShell v4 or higher
3) Require a API Key from Shodan

Instructions :

1. Import the agent procedure "XML files" into Kaseya VSA > Agent Procedures.

2. Upload "Get-ShodanStatus.ps1" to your Kaseya Shared Files. Be sure to edit the lines see instruction guide.

3) Register a Shodan for a API Key 'Click here'

If you have question please let me know.

Please see attached pdf for installation instructions.

Comments

  • Zach Becker
    Zach Becker Member
    edited March 2021

    Hello,

    I'm receiving an error on execuition.

    Failed THEN in step 3 (Line 15)

    This is in regards to the powershell version 4 check. Is this checking the Kaseya VSA host for Powershell v 4 or higher, or the end system that I'm scanning? The system I'm testing on has Powershell 5.1.19041.610 installed. I'm using Kaseya SAAS platform for my VSA.


    Thanks,

    Zach

Weekly Leaderboard