This n8n workflow automates the detection, analysis, and reporting of potential phishing emails received via Gmail or Microsoft Outlook. Its main goal is to streamline security workflows by leveraging AI and automating ticket creation in Jira.
The process begins with email triggers: a Gmail Trigger monitors incoming emails in real time, capturing key data such as subject, recipient, body, and headers. Similarly, a Microsoft Outlook Trigger can be enabled to monitor Outlook inboxes, extracting detailed header information for thorough analysis.
Once an email is detected, its header data is fetched and structured for clarity, and both the email body and the headers are stored in variables for subsequent analysis. The email’s HTML content is sent to an external API that generates screenshots, providing a visual representation of the email layout.
A critical step involves analyzing the email content using OpenAI’s GPT-4 model. The email’s HTML body and headers are processed to assess whether the email might be malicious or a phishing attempt. The AI provides a detailed, structured verdict explaining its reasoning.
Based on the AI’s analysis, the workflow branches: if the email is identified as malicious, the workflow automatically creates a Jira ticket labeled as a potential threat, attaching the email screenshot and text body for review. If the email is deemed safe, a benign report ticket is generated for record-keeping.
Throughout, the workflow automates attachment uploads to Jira, ensuring all relevant data—screenshots and email text—are available for security team review. This setup is ideal for organizations needing continuous, automated email security monitoring and incident reporting, helping to quickly identify and respond to phishing threats.
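The verdict-and-branch step described above, sketched as JavaScript in the style of an n8n Code node. This is an added example, not the workflow's own code: the `malicious` and `summary` field names, the ticket fields, the attachment file names, and the extra `needs_review` branch for unparseable model output are assumptions.

```javascript
// Added example. Field names (malicious, summary) and the ticket shape are
// assumptions, not the workflow's actual schema.

// Pull the JSON object out of a model reply that may carry surrounding text.
function parseVerdict(raw) {
  if (typeof raw !== 'string') return null;
  const start = raw.indexOf('{');
  const end = raw.lastIndexOf('}');
  if (start === -1 || end <= start) return null;
  let obj;
  try {
    obj = JSON.parse(raw.slice(start, end + 1));
  } catch (e) {
    return null;
  }
  // Require a real boolean: the string "false" or a missing key must not pass as safe.
  if (typeof obj.malicious !== 'boolean') return null;
  return { malicious: obj.malicious, summary: String(obj.summary || '') };
}

// Decide which Jira ticket to open. Output that cannot be parsed goes to
// manual review instead of silently landing in the benign branch.
function routeEmail(email, rawVerdict) {
  const verdict = parseVerdict(rawVerdict);
  const attachments = ['screenshot.png', 'body.txt']; // hypothetical file names
  if (verdict === null) {
    return { branch: 'needs_review', title: `Unparsed verdict: ${email.subject}`,
             description: 'Model output could not be parsed.', attachments };
  }
  return {
    branch: verdict.malicious ? 'malicious' : 'benign',
    title: `${verdict.malicious ? 'Potential phishing' : 'Benign report'}: ${email.subject}`,
    description: verdict.summary,
    attachments,
  };
}

// Constructed sample inputs.
const sample = { subject: 'Verify your account' };
const wrapped = 'Here is my verdict:\n{"malicious": true, "summary": "Reply-To differs from From"}';
console.log(routeEmail(sample, wrapped).branch);
console.log(routeEmail(sample, '{"malicious": "false"}').branch);
console.log(routeEmail(sample, 'I think it is fine.').branch);
```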