DEV Community: Jessica Arnwine

AI-Enhanced Network Monitoring with Python: Detecting Anomalies Before They Become Threats

Jessica Arnwine — Tue, 02 Sep 2025 01:12:06 +0000

Cybersecurity isn’t just about scanning for open ports — it’s about identifying unusual patterns and potential threats before they cause damage. By combining Python with AI, you can build a monitoring system that detects anomalies, scores vulnerabilities, and automatically alerts your team. This project demonstrates advanced technical skill and practical application.

Step 1: Preparing Your Environment

You’ll need Python 3.x and a few key libraries for network scanning, data analysis, and machine learning:

# Create a virtual environment
python3 -m venv ai-netmon
source ai-netmon/bin/activate  # Mac/Linux
ai-netmon\Scripts\activate     # Windows

# Install required packages
pip install python-nmap pandas scikit-learn matplotlib requests

python-nmap for scanning

pandas for organizing scan data

scikit-learn for anomaly detection

matplotlib for visualization

requests for sending alerts

Step 2: Scanning the Network

We start with the same scanning logic as before, but store the results in a DataFrame for AI processing:

import nmap
import pandas as pd

scanner = nmap.PortScanner()
scanner.scan('192.168.1.0/24', '22,80,443')

data = []
for host in scanner.all_hosts():
    for port in scanner[host]['tcp'].keys():
        data.append({
            'host': host,
            'port': port,
            'state': 1 if scanner[host]['tcp'][port]['state']=='open' else 0
        })

df = pd.DataFrame(data)
print(df.head())

This creates a structured dataset ready for anomaly detection.

Step 3: Detecting Anomalies with Isolation Forest

The Isolation Forest algorithm is great for spotting unusual behavior, like unexpected open ports or rogue devices:

from sklearn.ensemble import IsolationForest

# Train Isolation Forest on current network state
model = IsolationForest(contamination=0.1)  # ~10% of data considered anomalous
df['anomaly'] = model.fit_predict(df[['state']])

# Flag anomalies
anomalies = df[df['anomaly'] == -1]
print("Anomalous network activity detected:\n", anomalies)

This identifies ports or hosts behaving differently than usual, giving you early warnings before a security incident occurs.

Step 4: Visualization

Visualizing anomalies helps your team quickly grasp the network’s health:

import matplotlib.pyplot as plt

plt.figure(figsize=(10,6))
plt.scatter(df['host'], df['port'], c=df['anomaly'], cmap='coolwarm', s=100)
plt.xlabel('Host')
plt.ylabel('Port')
plt.title('Network Anomalies Detection')
plt.colorbar(label='Anomaly (-1 = Anomalous)')
plt.show()

Red dots represent anomalies

Blue dots are normal activity

This gives an intuitive, visual overview of your network.

Step 5: Automated Alerts

Combine anomaly detection with Slack or email alerts:

import requests

webhook_url = 'https://hooks.slack.com/services/XXX/YYY/ZZZ'

for _, row in anomalies.iterrows():
    message = {
        'text': f"Alert: Anomaly detected on host {row['host']}, port {row['port']}!"
    }
    requests.post(webhook_url, json=message)

Now your team receives instant notifications for unusual activity.

Step 6: Scaling and Next Steps

Once working, you can:

Schedule scans with cron or Task Scheduler

Integrate CVE databases to assign risk scores to anomalous ports

Add more features like geolocation for external IPs or multi-network monitoring

Train machine learning models over time to improve anomaly detection accuracy

Takeaway

This AI-enhanced network monitoring script demonstrates:

Automated scanning and data collection

Machine learning-based anomaly detection

Visualization of network health

Real-time alerting for critical issues

It’s a strong portfolio project because it combines Python, cybersecurity, and AI, showing you can solve complex problems and create actionable solutions.

Pro Tip: Share the full notebook or repository publicly. Employers love seeing working code, visual outputs, and automated systems that solve real-world problems.

Advanced Network Monitoring with Python: Detection, Scoring, and Visualization

Jessica Arnwine — Tue, 02 Sep 2025 01:08:17 +0000

Building on basic network scanning, we can enhance our Python scripts to detect new devices, score vulnerabilities, and even visualize network health. This demonstrates real-world skills in cybersecurity automation and data-driven problem solving.

Step 1: Detecting New Devices

Tracking devices over time helps spot unexpected or rogue devices on your network. We can do this by maintaining a list of known hosts and comparing it with each new scan:

import nmap
import json

scanner = nmap.PortScanner()
scanner.scan('192.168.1.0/24', '22,80,443')

# Load known hosts from file
try:
    with open('known_hosts.json') as f:
        known_hosts = json.load(f)
except FileNotFoundError:
    known_hosts = []

current_hosts = scanner.all_hosts()
new_hosts = [host for host in current_hosts if host not in known_hosts]

if new_hosts:
    print("New devices detected:", new_hosts)

# Update known hosts file
with open('known_hosts.json', 'w') as f:
    json.dump(current_hosts, f)

This simple system flags any new host that wasn’t previously on your network, a first line of defense against unauthorized access.

Step 2: Vulnerability Scoring

Not all open ports are equally dangerous. We can assign a risk score based on known vulnerabilities:

risk_scores = {'22': 9, '80': 5, '443': 3}  # Example scoring

for host in scanner.all_hosts():
    for port in scanner[host]['tcp'].keys():
        state = scanner[host]['tcp'][port]['state']
        score = risk_scores.get(str(port), 1)  # Default low risk
        print(f'Host: {host}, Port: {port}, State: {state}, Risk Score: {score}')

This approach gives you a quantitative view of network risks, helping prioritize remediation efforts.

Step 3: Visualization with Matplotlib

Visualizing the network can make patterns or anomalies easier to spot:

import matplotlib.pyplot as plt

hosts = scanner.all_hosts()
scores = []

for host in hosts:
    total_score = sum(risk_scores.get(str(port), 1) 
                      for port in scanner[host]['tcp'].keys())
    scores.append(total_score)

plt.bar(hosts, scores, color='orange')
plt.xlabel('Host')
plt.ylabel('Vulnerability Score')
plt.title('Network Vulnerability Overview')
plt.show()

Now you can see which devices are most at risk at a glance. Visualization is especially useful for team presentations or reporting to management.

Step 4: Automatic Alerts

Combine new device detection and vulnerability scoring to send alerts if thresholds are exceeded:

import requests

webhook_url = 'https://hooks.slack.com/services/XXX/YYY/ZZZ'

for i, host in enumerate(hosts):
    if scores[i] > 8 or host in new_hosts:
        message = {'text': f'Alert: Host {host} flagged! Risk Score: {scores[i]}'}
        requests.post(webhook_url, json=message)

This ensures your team receives immediate updates when significant events occur.

Step 5: Scaling the Solution

Once your script is working, you can:

Schedule scans to run daily or hourly using cron (Linux) or Task Scheduler (Windows).

Integrate with databases to store historical scan data for trend analysis.

Add API integrations to cross-reference CVEs for ports/services detected.

Use dashboards like Grafana or Plotly for interactive visualizations.

Takeaway

This advanced network monitoring project highlights:

Automated detection of new devices

Risk-based vulnerability scoring

Visualization of network health

Real-time alerting to Slack

By sharing these kinds of projects, you demonstrate both technical skill and practical problem-solving, which is exactly what employers and collaborators look for in cybersecurity and cloud security roles.

Automating Network Monitoring with Python: A Hands-On Example

Jessica Arnwine — Tue, 02 Sep 2025 01:05:34 +0000

Network monitoring is a critical part of cybersecurity. Knowing which hosts are up, which ports are open, and when unexpected changes occur can prevent security incidents before they escalate. With Python, you can create scripts that perform scans, log results, and even send notifications — all with minimal tools.

This post will walk through a practical example, including code snippets, to demonstrate real-world cybersecurity automation.

Step 1: Setting Up the Environment

First, make sure you have Python 3.x installed. Then, set up a virtual environment and install the necessary packages:

# Create a virtual environment
python3 -m venv netmon-env

# Activate the environment (Mac/Linux)
source netmon-env/bin/activate

# Activate the environment (Windows)
netmon-env\Scripts\activate

# Install required packages
pip install python-nmap requests

Step 2: Scanning Hosts and Ports

We’ll use the python-nmap module to scan hosts on our local network for common open ports:

import nmap

# Initialize scanner
scanner = nmap.PortScanner()

# Scan a target IP range for ports 22, 80, 443
scanner.scan('192.168.1.0/24', '22,80,443')

# Print results
for host in scanner.all_hosts():
    print(f'Host: {host}, State: {scanner[host].state()}')
    for proto in scanner[host].all_protocols():
        print(f'Protocol: {proto}')
        ports = scanner[host][proto].keys()
        for port in ports:
            print(f'Port {port}: {scanner[host][proto][port]["state"]}')

This simple script allows you to quickly see which hosts are live and which ports are open, giving you insight into potential vulnerabilities.

Step 3: Logging Results

Keeping logs of your scans is essential for tracking changes over time. Here’s how you can write scan results to a CSV file:

import csv

with open('network_log.csv', 'w', newline='') as file:
    writer = csv.writer(file)
    writer.writerow(['Host', 'Protocol', 'Port', 'State'])

    for host in scanner.all_hosts():
        for proto in scanner[host].all_protocols():
            ports = scanner[host][proto].keys()
            for port in ports:
                writer.writerow([host, proto, port, scanner[host][proto][port]['state']])

Now you have a persistent record of your network state that you can review or share with your team.

Step 4: Sending Alerts

Automation becomes powerful when your script can notify you of unusual events. Here’s an example of sending a Slack alert if a critical port (like SSH 22) is unexpectedly open:

import requests

webhook_url = 'https://hooks.slack.com/services/XXX/YYY/ZZZ'

for host in scanner.all_hosts():
    if scanner[host].has_tcp(22) and scanner[host]['tcp'][22]['state'] == 'open':
        message = {'text': f'Alert: SSH port open on host {host}!'}
        requests.post(webhook_url, json=message)

With this setup, you’ll be instantly notified of potential risks — an essential feature for any security professional.

Step 5: Putting It All Together

You now have the building blocks for a basic network monitoring tool:

Scan your network for live hosts and open ports.

Log results for historical tracking.

Send alerts for critical issues.

From here, you can expand the script with:

Scheduled scans using cron or Windows Task Scheduler

More detailed vulnerability checks using additional modules

Email notifications with smtplib

Integration with dashboards like Grafana for visualization

Takeaway

This project demonstrates how Python can turn a repetitive, manual security task into an automated workflow. Even at a beginner-intermediate level, these skills showcase your technical ability, problem-solving mindset, and practical approach to cybersecurity.

Tip: Including multiple working code snippets like this in your portfolio shows prospective employers or collaborators that you can build real-world tools, not just talk about theory.

My Journey in Cybersecurity, Cloud, and Data

Jessica Arnwine — Mon, 01 Sep 2025 18:14:53 +0000

For me, this isn’t just a career path but it is a passion. I’m constantly building projects, learning advanced security practices, and documenting the journey along the way. My mission is simple: to make technology knowledge accessible, practical, and engaging for anyone who wants to grow.

Cybersecurity: Protecting What Matters Most
Cybersecurity isn’t just about firewalls and antivirus software, it’s about resilience. Threats evolve daily, from phishing emails to ransomware attacks, and the best defense is layered knowledge. I focus on practical security: applying real-world solutions that can protect businesses, families, and communities. Sharing these practices makes technology feel less intimidating and more empowering.

Cloud Technologies: The Future of Innovation
The cloud is no longer “new.” It’s the foundation of modern business. From scalability to cost efficiency, cloud computing transforms how we store, share, and secure information. But it also introduces new challenges, misconfigurations, access controls, and compliance concerns. By building projects in the cloud, I’m learning how to optimize security while unlocking the full potential of these platforms.

Data-Driven Problem Solving: From Insight to Action
At the heart of every major decision is data. But data by itself isn’t powerful, it’s what you do with it that matters. I approach problem solving by using data to guide decisions, uncover patterns, and build smarter systems. Whether it’s identifying unusual network activity or streamlining processes, data is the compass that points the way forward.

Why I Share the Journey
One thing I’ve noticed is that tech knowledge often feels locked away behind jargon and gatekeeping. I want to break that barrier. By documenting my learning process, project builds, and lessons from the field, I aim to create a roadmap that others can follow, whether they’re just starting out or looking to advance.

Technology should feel like an open door, not a closed one.

The Goal Ahead
My ultimate goal is to keep growing while helping others grow alongside me. By making complex ideas simple, practical, and engaging, I hope to inspire more people to see technology as something they can master. Cybersecurity, cloud, and data are the future and the more people we empower with this knowledge, the safer and smarter that future will be.

My Tech Stack

Jessica Arnwine — Mon, 01 Sep 2025 18:12:58 +0000

When it comes to technology, I believe in using tools that are not only powerful but also practical for real-world problem solving. My stack is built around security, efficiency, and flexibility, helping me learn, build, and continuously push boundaries. Here’s what I use and why:

Linux
At the core of my workflow is Linux. It gives me the freedom to customize, automate, and truly understand what’s happening under the hood. From server management to scripting, Linux is the foundation of my security and development environment.

Python
Python is my go-to language. Its versatility makes it ideal for automation, penetration testing, data analysis, and security scripting. Whether I’m building custom tools or analyzing data, Python allows me to turn ideas into reality quickly.

Cloud Security
With organizations moving workloads to the cloud, security has to evolve. I’m focused on understanding identity management, zero-trust principles, and securing workloads in platforms like AWS and Azure. Cloud security isn’t just about defense, it is about enabling businesses to innovate safely.

Vulnerability Management
Staying ahead of threats means constantly identifying, assessing, and remediating risks. I use vulnerability management tools and frameworks to monitor systems and reduce the attack surface. It’s not just about finding issues, it is about fixing them strategically.

Penetration Testing
To truly understand security, you have to think like an attacker. Pen testing allows me to explore weaknesses, exploit them in a controlled way, and then apply those lessons to strengthen defenses. It’s a blend of creativity, problem-solving, and technical skill.

My Philosophy
Each piece of my stack supports the other. Linux provides control, Python builds automation, cloud security protects evolving infrastructures, vulnerability management identifies risks, and pen testing challenges me to think critically. Together, they form a toolkit that’s not just about technology, but about building resilience.

What I Am Available For

Jessica Arnwine — Mon, 01 Sep 2025 18:11:21 +0000

Technology is more than a career path for me, it’s a space where curiosity meets problem-solving. I thrive at the intersection of cybersecurity, cloud technologies, and data-driven decision-making. Here’s what I bring to the table and what I’m available to collaborate on:

Exploring Cloud & AI
I’m deeply engaged in exploring the evolving landscape of cloud computing and artificial intelligence. From understanding emerging tools to testing real-world applications, I’m driven to turn complex concepts into clear, practical solutions.

Turning Curiosity Into Code
For me, coding isn’t just about syntax, it’s about building answers to real problems. I enjoy experimenting with projects that push boundaries, whether that’s automating workflows, creating data-driven insights, or improving system security. Curiosity fuels my learning, and every project is an opportunity to discover something new.

Cybersecurity & Cloud Security Analyst
Security is at the heart of my work. I specialize in protecting data and infrastructure in cloud environments by applying advanced security practices, monitoring systems, and designing defenses against evolving threats. I aim to make organizations more resilient while keeping security approaches accessible and understandable.

Threat Detection & Response
Cyber threats evolve daily, and so must our defenses. I focus on detecting vulnerabilities early, analyzing potential threats, and implementing rapid response strategies that minimize risk. My goal is not only to respond to threats but to stay ahead of them.

Penetration Testing
I take a hands-on approach to security by simulating real-world attacks through penetration testing. This allows me to uncover weaknesses before malicious actors can exploit them and provide clear, actionable steps for strengthening defenses.

Vulnerability Management
Security doesn’t stop at finding problems, it’s about solving them. I work on identifying, prioritizing, and addressing vulnerabilities in systems, ensuring organizations maintain strong, ongoing protection against risks.

Why This Matters
The digital world runs on trust, and every system, application, and piece of data needs to be safeguarded. My focus is on making cybersecurity knowledge and practices accessible, practical, and effective—helping individuals and organizations grow with confidence in a secure digital environment.

Whether it’s collaborating on cloud security initiatives, testing defenses, or exploring AI-driven solutions, I’m available to work on projects that challenge the status quo and build safer, smarter systems.

Above all
I am available for all things God and Jesus Christ, letting my faith guide my work, my learning, and my service to others.

Faith in a Decentralized World

Jessica Arnwine — Mon, 25 Aug 2025 17:19:13 +0000

Lessons from Atproto, Cybersecurity, and Trust in God. Technology is shifting again. With Atproto, a decentralized protocol behind platforms like Bluesky, the goal is to give people back control, over identity, data, and digital communities. It’s part of a bigger movement toward transparency and freedom online.

In many ways, it mirrors what wealth and faith already teach us:

Cybersecurity reminds us to guard what matters most.

Wealth management teaches stewardship and wise planning.

Faith calls us to build on a foundation that cannot be shaken.

Decentralization promises independence, but independence without wisdom can still lead to chaos. That’s why we need discernment — the same way Scripture calls us to test every spirit and every foundation.

Atproto shows us that control is valuable, but true security isn’t in protocols, passwords, or platforms. It’s in God. He is the ultimate anchor, the one system that never crashes and never corrupts.

When we align our digital lives, financial plans, and daily choices with His wisdom, we gain not just freedom, but peace.

Strength in the Storm

Jessica Arnwine — Mon, 25 Aug 2025 17:11:53 +0000

Storms come in many forms — a cyberattack that steals peace of mind, an unexpected bill that strains finances, or a season of doubt that tests faith. But storms also reveal where our foundation lies.

Cyber teaches us vigilance. Wealth teaches us stewardship. Faith teaches us trust. Together, they form an anchor that holds steady when the winds rise.

In a digital world, protecting data matters. In a financial world, managing money matters. But in every world, faith matters most, because it gives us strength when everything else feels uncertain.

Faith and Cyber: Protecting Today, Trusting Tomorrow

Jessica Arnwine — Mon, 25 Aug 2025 16:29:24 +0000

In cybersecurity, we protect systems, guard data, and anticipate threats but no firewall or encryption can replace the guidance of God. Just as we secure our digital lives, we must anchor ourselves in faith to navigate uncertainty in life.

Trusting God gives clarity when decisions feel overwhelming, resilience when challenges arise, and wisdom to see opportunities where others see risk. Faith is the ultimate guide, leading us toward a brighter, more secure future—not just in technology, but in life, relationships, and purpose.

Just as a well-protected network thrives, a life led by God prospers. Secure your heart, strengthen your faith, and trust Him to light the path ahead.

Faith, Family, Cyber, and Wealth: Protecting What Matters Most

Jessica Arnwine — Mon, 25 Aug 2025 16:27:11 +0000

In a world that moves faster every day, the things we value our faith, our families, our finances, and even our digital lives need intentional care.

Faith keeps us grounded. Without God at the center, success can feel empty, and security can feel fragile. He guides our decisions, giving clarity in uncertainty.

Family is our first investment. The time, love, and lessons we pour into our households shape generations. Protecting family isn’t just about shelter it’s about nurturing trust, values, and connection.

Cybersecurity is more than a job; it’s a necessity. Just as we protect our homes, we must safeguard our digital lives. Passwords, encryption, and awareness guard us from threats that could compromise both personal and financial security.

Wealth is stewardship. True financial health comes from planning, discipline, and generosity. By managing resources wisely, we can provide for our families, give generously, and create a legacy.

When faith, family, cyber awareness, and financial wisdom align, we build not just security but a life of purpose, resilience, and blessing.

Reflection: Are you protecting what matters most in all four areas of your life?

Why Cybersecurity is the New Financial Literacy

Jessica Arnwine — Sun, 24 Aug 2025 20:54:06 +0000

We know the basics of financial literacy; budgeting, saving, and investing. But today, in a world where most of our money and assets are digital, cybersecurity is equally crucial to protecting wealth. Just as we plan our finances carefully, we must also safeguard the systems that store and move our money.

Identity Theft & Fraud: The Modern Financial Risks

Financial fraud has evolved beyond paper checks and stolen wallets. Identity theft can drain accounts, damage credit, and create long-term consequences.

Phishing emails or scams can trick even careful savers.

Data breaches at banks or fintech apps can expose personal information.

Unauthorized transactions can go unnoticed without proactive monitoring.

Just as we diversify investments to reduce risk, we must implement cybersecurity practices to protect our digital identity.

Weak Passwords = Financial Vulnerability

A weak password is like leaving your front door unlocked. Many people reuse passwords across multiple accounts, making it easier for attackers to gain access.

Use long, complex, unique passwords for banking and fintech accounts.

Enable multi-factor authentication (MFA) whenever possible.

Consider using a password manager to securely store and generate strong passwords.

In digital finance, your login credentials are as valuable as the money in your account. Protecting them is non-negotiable.

Cloud & Fintech Security for Personal Money Management

Modern financial tools — online banking, investment apps, digital wallets, rely on cloud technology. While convenient, this introduces new vulnerabilities:

Always verify that apps use end-to-end encryption.

Keep your devices updated to patch security flaws.

Review permissions and access regularly, even trusted apps can become risky if compromised.

Just as you research investments, research the security of the platforms you use to store and manage your money.

Cyber Hygiene as Part of Smart Investing

Cyber hygiene isn’t just about preventing hacks, it’s an essential part of financial planning:

Regularly check accounts for suspicious activity.

Back up critical financial documents offline or in secure cloud storage.

Educate yourself on current scams and threats — awareness is one of the most powerful defenses.

Investing in cybersecurity practices today protects your wealth tomorrow, just as consistently investing in stocks or savings grows your money.

Takeaway

Financial health today isn’t just about dollars — it’s about securing the digital systems that hold them.

Protecting your identity is as important as protecting your cash.

Strong passwords and MFA are essential tools for financial security.

Vigilance in digital platforms complements smart investing strategies.

Cybersecurity and financial literacy together create a resilient wealth management plan.

In a digital world, your money is only as safe as the systems that hold it. Guard them with the same care you guard your investments, and your financial foundation will remain strong.

Automating Vulnerability Scans with Python: A Beginner-Friendly Guide

Jessica Arnwine — Sun, 24 Aug 2025 20:51:50 +0000

Vulnerability management doesn’t always need expensive tools. With Python, you can start automating basic scans and reports for free.

I would love to chat about Steps to:

Setting up Python environment

Using socket & nmap modules for scanning

Parsing results & generating reports

Sending alerts via email/Slack

Takeaway:
Readers walk away with a working script + an understanding of how automation saves time in real-world security work.

Automating Vulnerability Management with Python: A Beginner-Friendly Guide

Vulnerability management is a cornerstone of cybersecurity, but it doesn’t always require expensive enterprise tools. Even a simple Python script can help automate basic scans, generate reports, and alert you to issues — all at little to no cost.

For security professionals, students, or enthusiasts, learning to automate routine tasks not only saves time but also builds a strong foundation for more advanced security practices. Here’s how you can get started.

Why Automation Matters

Manual vulnerability assessments are time-consuming and prone to human error. Automation allows you to:

Run consistent scans without forgetting critical targets.

Generate standardized reports for teams or management.

Receive timely alerts when issues arise, so you can respond faster.

Learn programming skills that scale as your security responsibilities grow.

Even basic automation transforms vulnerability management from a repetitive chore into a more efficient and insightful process.

Step 1: Setting Up Your Python Environment

Before you start writing scripts, you need a working Python environment:

Install Python 3.x — latest stable release recommended.

Set up a virtual environment to keep your dependencies organized:

python3 -m venv vuln-env
source vuln-env/bin/activate   # Mac/Linux
vuln-env\Scripts\activate      # Windows

Install essential packages such as python-nmap, requests, and smtplib (for email alerts).

This ensures your environment is isolated, manageable, and ready for security automation experiments.

Step 2: Using Socket & Nmap Modules for Scanning

Python has built-in modules and community packages that simplify scanning tasks:

Socket Module: Useful for checking if a specific port is open on a host.

Python-nmap Module: A wrapper around the popular Nmap tool, letting you automate network scans directly from Python.

A simple script might look like this:

`import nmap

nm = nmap.PortScanner()
nm.scan('192.168.1.1', '22-443')
for host in nm.all_hosts():
    print(f'Host: {host}, State: {nm[host].state()}')
`

With just a few lines, you can start gathering information about your network, spotting potential vulnerabilities quickly.

Step 3: Parsing Results & Generating Reports

Once you’ve scanned your targets, the next step is organizing the data. Python allows you to:

Parse JSON or XML output from scans

Filter results based on severity

Generate CSV or HTML reports for your team

Example:

`import csv

with open('scan_results.csv', 'w', newline='') as file:
    writer = csv.writer(file)
    writer.writerow(['Host', 'Port', 'State'])
    for host in nm.all_hosts():
        for proto in nm[host].all_protocols():
            ports = nm[host][proto].keys()
            for port in ports:
                writer.writerow([host, port, nm[host][proto][port]['state']])
`

This step ensures your findings are easy to review and track over time.

Step 4: Sending Alerts via Email or Slack

Automation isn’t just about scanning; it’s about actionable intelligence. Python can notify you in real time:

Use smtplib or email to send alerts via email

Use slack-sdk or requests to push notifications to Slack channels

Example for Slack:

`import requests

webhook_url = 'https://hooks.slack.com/services/XXX/YYY/ZZZ'
message = {'text': 'Vulnerability scan completed. Check the report!'}
requests.post(webhook_url, json=message)`

Alerts like these reduce response time and help security teams act quickly before issues escalate.

Takeaway

By the end of this process, readers will:

Have a working Python script for basic vulnerability scanning

Understand how automation reduces manual workload in security operations

Be empowered to expand scripts, integrate more tools, and handle larger networks

Automation doesn’t replace expertise, it enhances it. Even simple scripts can save hours of repetitive work, allowing security professionals to focus on deeper analysis and mitigation.