This article gives an overview of what a Scanning Agent is, how it works, and how to install it and scan with it.
What is a Scanning Agent for?
Probely's Scanning Agent allows you to scan internal applications for vulnerabilities without exposing them to the Internet or even to our IP addresses. It is the ideal approach to scan any application that is only reachable from within your network, including development/staging/pre-release and/or internal production applications that support your business.
You can use a single Scanning Agent to scan multiple internal targets, but you can also have different Scanning Agents, each one reaching a part of your network. There is no need for a single Scanning Agent to connect to the whole network.
How does a Scanning Agent work?
A Scanning Agent creates an encrypted and authenticated tunnel where traffic flows securely between Probely and your network.
To make sure we meet your security expectations, we follow a set of principles:
All code is open source and publicly available.
You have complete control over the Scanning Agent, including the right to change it.
Probely cannot access the Scanning Agent.
The Scanning Agent runs in containers with the least required privileges.
All traffic is encrypted end-to-end.
The Scanning Agent does not open any network port.
How to install a Scanning Agent?
To install a Scanning Agent, refer to the article on how to install a Scanning Agent, and to the installation reference and the installer source code available in Probely's GitHub repositories.
How to scan a target with a Scanning Agent?
When a Scanning Agent is configured and running, you must choose which targets will use it:
In the Probely app, go to the TARGETS tab.
Identify the target in the list for which you want to set the Scanning Agent and click on the cogwheel to open its settings.
Under the SCANNER tab, go to the SCANNING AGENT section and select the Scanning Agent you want to use.
Click SAVE.
Clicking UNLINK removes the Scanning Agent from the target.
You can also assign/remove a Scanning Agent to/from multiple targets in the targets list. Select the targets you want to configure, and the options will appear.
Targets configured to use a Scanning Agent show a cloud icon with a tunnel.
What are the statuses of a Scanning Agent?
A Scanning Agent can have one of the following statuses:
| Status | Description |
| --- | --- |
| Connected | The scanning agent is connected. It was working in the last 180 seconds. |
| Connected with issues | The scanning agent is connected, but it may have poor network performance if it uses, for example, an HTTP proxy or a direct TCP connection to Probely. For more information, see this article about the TCP Meltdown problem and check the documentation on launching the agent. |
| Disconnected | The scanning agent is disconnected, maybe due to misconfiguration. Check the scanning agent configuration or the firewall rules, for example. For more information, check the Installation and Network Requirements documentation. |
If you still need help, don't hesitate to message us or send us an email.
P.S.: Why is the Scanning Agent named Farcaster? Learn more about it here.