Can someone recommend some self-hosted or not, tool that I could schedule for periodical scans of all I host and is exposed to public internet?
I think I did all by the book now, including crowdsec and/or fail2ban, but recently for example I got an email from German CERT that my n8n is out of date and has some CVEs. All of them were not exploitable in my case but that got me thinking that if CERT can do it, maybe there are some services or tools that I could use and get alerts sooner if something is vulnerable in my infrastructure.
Any recommendations welcomed! Ideally self hosted and FOSS of course.
I’m not sure about cert scans, but ShadowServer is what I use for automated scans. They’re free and the scans are thorough: https://www.shadowserver.org/what-we-do/network-reporting/