Application Security Platform
Agent management

Install internal agent on Docker

This document is for:
Invicti Platform

Invicti Platform lets you use internal agents to scan targets in your internal environment that are not publicly accessible from the internet or when you do not want to whitelist Invicti cloud agents.

This document explains how to install the Invicti internal agent using Docker CLI.

If your internal agents require a proxy to connect to platform.invicti.com or platform-eu.invicti.com, these parameters must be specified when installing the internal agent. For instructions, refer to Installing an internal agent with proxy settings.  

Limitations for internal agents

When the site is internal, and you prefer using internal agents for the scan, you cannot create a new Login Sequence Record (LSR) or Business Logic Record. However, you can import them. For further information about recording and downloading an LSR, refer to the Standalone login sequence recorder overview.

Prerequisites

System requirements

  • At least 2-core CPU 64bit processor
  • Dedicated memory: minimum of 2 GB RAM
  • At least 50GB of HDD

Access requirements

  • Ensure Docker Desktop is installed on your host OS by verifying with the command 'docker -v' in Terminal. If version information is displayed, you're all set. Otherwise, refer to the Docker support documentation for installation guidance.
  • Administrator privileges for command execution.
  • Invicti Platform Administrator role.

Whitelisting requirements

If you are running multiple concurrent scans with internal agents, your RAM and CPU need to be exponentially greater than the specified installation requirements.

  • Running 2 concurrent scans requires 6 GB RAM + a 2-core CPU
  • Running 3 concurrent scans requires 8 GB RAM + a 3-core CPU
  • Running 4 concurrent scans requires 10 GB RAM + a 4-core CPU

Any additional concurrent scan requires +2 GB RAM and + a 1-core.

Steps to install an internal agent using Docker

  1. Select Scans > Agents from the left-side menu.
  2. Click Agent Installation Instructions.

  1. Select Docker.

  1. Enter a name for your internal agent.

  1. Copy the command from Step 3 in the Agent Installation Instructions.

 

  1. Open Terminal, paste, and execute the command copied from the Agent Installation Instructions.

Below is a table detailing the parameters necessary to configure a Docker container for installing an internal agent.

Parameter

Description

-d

This indicates detached mode, allowing the container to operate in the background.

--name

Assigns a name to the container.

--url

Specifies the Invicti URL.

--agentname

Defines the agent name in the Invicti UI, changeable later.

If installing multiple agent instances, assign a unique agent name for each instance. (Max 50 characters)

--registration-token

Obtain from Invicti Scans > Agents > Agent Installation > Docker > Your registration token is displayed in Step 2: Get your token.


Your internal agent is successfully installed. Access the Invicti Agents page to view and manage your internal agents.

You can now assign targets to the installed internal agent and commence testing your website.

Troubleshooting

To troubleshoot issues, review the Docker log and host terminal. For further assistance, contact our Support team.


Share This Article