This article will give you more detailed information about the local agent, its functions, and how to enable it.
What is the Local Agent, and how does it work?
The local agent creates a secure tunnel between your system and Crashtest Security's software. With this Add-On, Crashtest Security can conduct security scans for users who do not expose their test applications to the internet.
Until now, the Crashtest Security Suite could scan targets only from the cloud and only when they were already published:
Enabling the local agent allows the Crashtest Security Suite to scan targets directly while they're in testing/staging without whitelisting the IP addresses in the firewall:
So why do I need the Local Agent?
Test applications are not accessible from the internet
If you have set up your network so that external access to the test/staging environment from outside is impossible, a security scan from the cloud cannot be performed. With the local agent, Crashtest Security can scan your web app's testing/staging version (or API) without a public endpoint.
How can I enable the local agent?
Not every customer will receive this feature. For those who do get this add-on, the local agent can be enabled by installing the local agent on your network:
- Download the application
docker pull crashtestsec/crashtest-agent - Start the Local Agent
docker run -it crashtest-agent -a api.crashtest.cloud <proxy_agent_key