n8n-nodes-socradar

This is an n8n community node for integrating with the SOCRadar API. It provides a comprehensive node to interact with SOCRadar's services.

n8n is a fair-code licensed workflow automation platform.

SOCRadar is a Digital Risk Protection Platform that provides threat intelligence, brand protection, attack surface management, and other cybersecurity services.

SOCRadar n8n Integration

This is a community node for n8n that integrates with SOCRadar's API. It provides access to SOCRadar's services

Features

Incident Management

• Comprehensive API Support: Single consolidated node supporting all incident operations
• Advanced Filtering Options:
  • Filter by status, severity, resolution state
  • Date range filtering
  • Sorting capabilities
  • Tag-based filtering
• Operations:
  • Get All Incidents
  • Get Single Incident
  • Add Comment
  • Add Tag
  • Remove Tag

Takedown Services

• Create and manage takedown requests
• Filter and retrieve takedown status
• Operations:
  • Create Takedown Request
  • Get Single Takedown
  • Get All Takedowns
  • Update Takedown Status
  • Add Tags

Digital Footprint

• Discover and manage digital assets across your organization
• Monitor cloud resources, domains, and other digital assets
• Advanced Filtering Options:
  • Filter by asset type (Domain, IP, URL, Cloud Bucket)
  • Pagination support
  • Sorting capabilities
  • Status filtering
• Operations:
  • Get Digital Assets
  • Get Cloud Buckets
  • Add Asset (Domain, Cloud Bucket)
  • Mark False Positive
  • Toggle Monitoring

Brand Protection

• Monitor and protect your brand across digital channels
• Advanced Detection:
  • Impersonating Accounts
  • Impersonating Domains
  • Rogue Mobile Applications
  • Bad Reputation
  • Social Media Findings
• Operations:
  • Get Brand Protection Data
  • Filter by Finding Type
  • Sort by Risk Score

Fraud Protection

• Detect and prevent digital fraud attempts
• Comprehensive Coverage:
  • Phishing Detection
  • Scam Detection
  • Brand Abuse
  • Payment Fraud
• Operations:
  • Get Fraud Protection Data
  • Filter by Risk Level
  • Sort by Detection Time

Dark Web Monitoring

• Monitor dark web for sensitive information
• Data Sources:
  • Botnet Data
  • Blackmarket Data
  • Suspicious Content
  • PII Exposure
  • IM Content
• Operations:
  • Get Dark Web Findings
  • Filter by Source Type
  • Sort by Relevance

User Audit Logs

• Retrieve user activity logs for compliance and security monitoring
• Advanced Filtering Options:
  • Date range filtering
  • Limit number of records
  • Activity type filtering
• Operations:
  • Get All User Audit Logs
  • Filter by Date Range
  • Filter by Activity Type

Prerequisites

• n8n v1.0.0 or later
• SOCRadar API credentials

Installation

Follow these steps to install this custom node:

# Install with npm
npm install @socradar/n8n-nodes-socradar

# Install with pnpm
pnpm add @socradar/n8n-nodes-socradar

# Alternatively, for n8n installed globally
npm install -g @socradar/n8n-nodes-socradar

For Docker-based n8n installations, you can use the n8n-docker-custom approach.

Usage

Authentication

The SOCRadar node requires SOCRadar API credentials:

1. API Key: Your SOCRadar API key
2. Company ID: Your SOCRadar company identifier

SOCRadar Node

The consolidated SOCRadar node provides access to all SOCRadar Extended Threat Intelligence platform features:

• Resource: Choose from:
  • Incident Management
  • Takedown Management
  • Digital Footprint
  • Brand Protection
  • Fraud Protection
  • Dark Web Monitoring
  • User Audit Logs
• Operation: Select the specific operation to perform
• Parameters: Configure operation-specific parameters

Version History

• 1.8.7: Fix public github url
• 1.8.6: Added repository link and improved package structure for n8n compatibility
• 1.8.5: Removed external dependencies (axios, dotenv) in favor of n8n's built-in functionality
• 1.8.4: Fixed credential icon display issue
• 1.8.2: Fixed README.md with correct package name and latest features
• 1.8.1: Optimized build process and improved CI/CD pipeline
• 1.8.0: Enhanced Digital Footprint API integration with improved asset type handling
• 1.7.0: Added Brand Protection API V2 support with comprehensive filtering
• 1.6.0: Added Fraud Protection API V2 support
• 1.5.0: Added Dark Web Monitoring API V2 support
• 1.4.0: Added Digital Footprint API support
• 1.3.0: Added User Audit Logs API support
• 1.2.0: Consolidated all functionality into a single SOCRadar node
• 1.1.0: Added Takedown API support
• 1.0.0: Initial release with Incident API support

Credentials

You need to create a credentials entry with your SOCRadar API key:

1. Go to Credentials in n8n
2. Select Create New
3. Search for "SOCRadar API"
4. Enter your API key from the SOCRadar platform
5. Save the credentials

Support

For issues, feature requests, or questions about this node package:

• Contact SOCRadar support at support@socradar.io

License

This node package is released under the MIT License.

Changelog

All notable changes to this project will be documented in this file.

1.8.7 (2025-04-23)

Changed

• Fix Github Url

1.8.6 (2025-04-23)

Added

• Added repository field to package.json to link GitHub repository with npm package
• Improved package structure for better compatibility with n8n community package requirements

Changed

• Enhanced package structure for better security scan compatibility

1.8.5 (2025-04-22)

Changed

• Removed external dependencies:
  • Replaced axios with n8n's built-in HTTP request functionality
  • Removed dotenv dependency in favor of a custom environment variable loader
  • Updated all utility files to use n8n's native HTTP request capabilities
  • Refactored test files to use Node.js built-in https module
  • Improved code maintainability and reduced external dependencies
• Updated development dependencies:
  • Upgraded ESLint from v8 to v9
  • Updated TypeScript ESLint plugins for compatibility

1.8.4 (2025-03-07)

Fixed

• Fixed credential icon display issue:
  • Added proper icon support for credentials in n8n UI
  • Updated gulpfile.js to copy credential icons during build
  • Modified .npmignore to include credential icons in package
  • Implemented light/dark mode icon support

1.8.3 (2025-03-06)

Fixed

• Updated README.md:
  • Removed github issue link.

1.8.2 (2025-03-06)

Fixed

• Updated README.md:
  • Fixed incorrect package installation instructions to use @socradar scope
  • Added latest features (Brand Protection, Fraud Protection, Dark Web Monitoring)
  • Updated authentication requirements
  • Added comprehensive feature descriptions
  • Updated version history

1.8.1 (2025-03-06)

Changed

• Optimized build process:
  • Removed test step from build script
  • Improved linting configuration
  • Enhanced build verification
  • Streamlined CI/CD pipeline

1.8.0 (2025-03-06)

Changed

• Enhanced Digital Footprint API integration:
  • Made Asset Type a required parameter for getDigitalAssets operation
  • Converted Asset Type from string input to dropdown selection
  • Aligned asset type options with AssetInvestigationType enum
  • Reordered asset type options for better organization
  • Improved parameter validation and error handling
  • Streamlined API request handling for asset type filtering

1.7.0 (2025-03-05)

Added

• Added Brand Protection API V2 support
  • New resource: Brand Protection API V2
  • Operation: Get Brand Protection Data with multiple operation types:
    • Impersonating Accounts
    • Impersonating Domains
    • Rogue Mobile Applications
    • Bad Reputation
    • Social Media Findings
  • Comprehensive filtering options
  • Detailed documentation

1.6.0 (2025-03-05)

Features

• Added DRP Fraud Protection API V2 support
  • Implemented comprehensive fraud protection data retrieval
  • Added support for detailed filtering options
  • Integrated with existing SOCRadar node architecture

1.5.0 (2025-03-05)

Added

• Added Dark Web Monitoring API V2 support
  • Botnet Data
  • Blackmarket Data
  • Suspicious Content
  • PII Exposure
  • IM Content

1.4.0 (2025-03-04)

Added

• Added Digital Footprint API support
• Added operations for managing digital assets:
  • Get Digital Assets with filtering and pagination
  • Get Cloud Buckets
  • Add Asset (Domain, Cloud Bucket)
  • Mark False Positive
  • Toggle Monitoring
• Added comprehensive parameter handling for all Digital Footprint operations

1.3.0 (2025-03-05)

Added

• Added User Audit Logs API support
• Added date range filtering for audit logs
• Added limit parameter for controlling the number of returned logs

Changed

• Updated package.json keywords to include 'cybersecurity' instead of 'security'
• Improved error handling for all API endpoints

1.2.0 (2025-03-05)

Changed

• Consolidated all functionality into a single Socradar node
• Removed version-specific implementations (v1, v2, v3, v4)
• Focused on using the latest V4 incident API
• Maintained full functionality for both Incidents and Takedowns
• Removed unnecessary files and directories

1.1.2 (2025-03-05)

Fixed

• Fixed TakedownV1 node inputs and outputs type definition
• Updated build process to support version-specific nodes

1.1.1 (2023-12-01)

Changed

• Restored version-specific node implementation
• Removed API version parameter from main Socradar node
• Updated documentation to reflect version-specific approach
• Fixed endpoint URLs to match API version requirements

1.1.0 (2023-11-15)

Added

• Added Takedown API support
• Added support for SOCRadar API v3 and v4
• Added more filtering options for incidents

Changed

• Improved error handling
• Updated documentation

1.0.0 (2023-10-01)

Added

• Initial release with SOCRadar Incident API support
• Support for basic incident retrieval and filtering