Deploying Invicti Node.js IAST sensor
Invicti IAST Network prerequisites Invicti IAST makes use of the IAST Bridge. The IAST sensor must be able to communicate with iast.invicti.com to transmit data to the DAST scanning engine. |
Before deploying Invicti IAST, note the list of supported servers and frameworks.
Supported Servers and Frameworks | |
NodeJS Runtime |
|
Database Clients |
|
Routers |
|
Templating |
|
Others |
|
To deploy Invicti IAST, you should remember that we need to invoke the sensor when launching the Node application.
Deploying Invicti IAST requires the following steps.
Step 1: Downloading Invicti IAST for your Target
The instructions to download the Invicti IAST file can be found here: https://www.invicti.com/support/application-security-platform/introduction-to-invicti-iast/.
Step 2: Copy the Invicti IAST to the Target
For the purposes of this document, we will assume that we will create a dedicated folder inside your operating system's ROOT folder to hold the Invicti IAST file.
Under Windows:
- Create a folder "C:\iastsensor\"
- Copy the node-iastsensor.tar file into "C:\iastsensor\"
Under Linux:
- Create a folder "/iastsensor" with the following command:
- mkdir /iastsensor/
- Use "cd" to navigate to the folder which contains your downloaded Invicti IAST file and run the following command:
- cp node-iastsensor.tar /iastsensor/
Step 3: Launch your Node.js web application invoking the Invicti IAST
Under Windows:
- Use "cd" to navigate to the folder that contains your web application (where the "app.js" file resides) and run the following commands:
- npm install \iastsensor\node-iastsensor.tar --no-save
- npx node-iastsensor app.js
Under Linux:
- Use "cd" to navigate to the folder that contains your web application (where the "app.js" file resides) and run the following commands:
- npm install /iastsensor/node-iastsensor.tar --no-save
- npx node-iastsensor app.js
Uninstall Invicti IAST
For Windows:
- Navigate to the folder where the Invicti IAST sensor is installed and run this command:
- npm remove node-iastsensor
- Remove the "C:\iastsensor\node-iastsensor.tar" file and then remove the "C:\iastsensor" folder
For Linux:
- Navigate to the folder where the Invicti IAST sensor is installed and run these commands:
- npm remove node-iastsensor
- rm -rf /iastsensor
Note: Although Invicti IAST sensor files are secured with a unique strong built-in password, it is recommended that the Invicti IAST sensor files are uninstalled and removed from the web application if they are no longer in use.