Introduction to internal site scanning

This document provides an introduction to the Agents feature available in Acunetix Premium+ Online.

Overview

Acunetix Premium+ Online includes an Agents feature that enables you to scan web applications that are inaccessible from the internet. The internal scanning agent can be installed inside your network and managed through the Acunetix Online portal to scan your internal resources. Scan results of the internal resources are automatically uploaded to your Acunetix Online portal so that they can be managed together with the results of your other scans.

Installation

Internal scanning agents can be installed on Windows or via Docker Desktop. Customers using Linux should install the agent through Docker Desktop. For Agent installation instructions, refer to the following documentation:

Prerequisites

System requirements

  • Windows running on at least a 2-core CPU 64bit processor
  • Dedicated memory: minimum of 2 GB RAM
  • At least 50GB of HDD

Access requirements

  • Administrator privileges for command execution
  • System or Platform Administrator role on Acunetix

Allowlisting requirements

For internal agents to work properly, you need to allowlist the following URLs:

  • online.acunetix.com
  • app.invicti.com (EU-based customers: app-eu.invicti.com)  
  • sca.acunetix.com
  • bxss.me
  • sb.bxss.me
  • acusensor.acunetix.com

For more information, refer to Allowlisting requirements for agents.

NOTE: If you are running multiple concurrent scans with internal agents, your RAM and CPU need to be exponentially greater than the specified installation requirements.

  • Running 2 concurrent scans requires 6 GB RAM + 2-core CPU
  • Running 3 concurrent scans requires 8 GB RAM + 3-core CPU
  • Running 4 concurrent scans requires 10 GB RAM + 4-core CPU

Any additional concurrent scan requires +2 GB RAM and +1 core.

Assigning internal scanning agents to targets

After installing an internal scanning agent, you need to assign the agent to a target in order to start scanning an internal site. This can be achieved either from the Agents page (where you can view a list of your internal agents) or the Targets page in your Acunetix Online portal.

NOTE: You need to add your internal target to Acunetix before you can assign an internal scanning agent to the target. For information about adding targets, refer to Configuring Targets.

How to assign an internal agent to a target    

From the Agents page:

  1. Select an internal agent from the list of internal agents.
  2. Select the Targets tab.
  3. Click + Assign Target.
  4. Use the drop-down menu to select an internal target, then click Submit.

From the Targets page:

  1. Select an internal target from the list of targets. The Target Settings page opens for the selected target.
  2. In the Default Agent section, use the drop-down list to select an internal agent.
  3. If required, enable the Configure proxy server for agent checkbox, then enter your proxy server details.
  4. Configure the other target settings as necessary, then click Save.

The internal agent is now assigned to an internal target and the internal agent will be used the next time a scan is launched for that target.

LSR/BLR: When using internal agents with targets that contain login or business logic sequences, you need to use the Acunetix standalone Login Sequence Recorder (rather than the LSR/BLR available in the Acunetix UI). For more information, refer to Using the Acunetix standalone Login Sequence Recorder.

« Back to the Acunetix Support Page