Setup parameters and services

ScanSuite components, such as the database or the MQ, can be set up on different hosts. In that case, connection strings and credentials should be passed via the .env file, which can be located in the ~/apps/scansuite folder:

ENABLE_STATIC_SCANS – True by default, set to False to disable code static analysis functionality.

ENABLE_DYNAMIC_SCANS – True by default, set to False to disable dynamic scanning engine.

LOG_FILE – the ScanSuite log file, which should be reachable from the container. By default, only /var/tmp is mounted to the container; adjust the docker-compose.yml to mount other folders for alternative log storage.

CELERY_HOST and REDIS_PASSWORD – Redis connection parameters

PS_DATABASE_ – PostgreSQL database connection parameters.

NESSUS_ – Nessus connection parameters.
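
A pre-flight check for the .env file described above, as an added example that is not part of ScanSuite or its documentation. It assumes plain KEY=VALUE lines and the literals True / False for the toggles, and it checks only the variable names listed on this page; check_scansuite_env and env_val are hypothetical helper names.

```shell
#!/bin/sh
# Added example: audit a ScanSuite .env file before starting the containers.
# Assumption: plain KEY=VALUE lines, optionally quoted values.

env_val() {  # print the last value assigned to key $1 in file $2, quotes stripped
    sed -n "s/^$1=//p" "$2" | tail -n 1 | sed "s/^[\"']//; s/[\"']\$//"
}

check_scansuite_env() {
    f=${1:-$HOME/apps/scansuite/.env}
    findings=0
    note() { echo "[!] $1"; findings=$((findings + 1)); }

    [ -f "$f" ] || { echo "[!] $f not found"; return 1; }

    # The file carries Redis, PostgreSQL and Nessus credentials, so the
    # group and other permission bits should all be clear (e.g. mode 600).
    perms=$(ls -ld -- "$f" | cut -c5-10)
    [ "$perms" = "------" ] || note "$f is accessible to group/others ($perms); chmod 600 it"

    # Feature toggles: anything other than True/False is likely a typo.
    for key in ENABLE_STATIC_SCANS ENABLE_DYNAMIC_SCANS; do
        v=$(env_val "$key" "$f")
        case "$v" in
            ""|True|False) ;;
            *) note "$key has unexpected value '$v' (expected True or False)" ;;
        esac
    done

    # A Redis host configured without a password should be flagged.
    if [ -n "$(env_val CELERY_HOST "$f")" ] && [ -z "$(env_val REDIS_PASSWORD "$f")" ]; then
        note "CELERY_HOST is set but REDIS_PASSWORD is empty"
    fi

    # Only /var/tmp is mounted into the container by default.
    log=$(env_val LOG_FILE "$f")
    case "$log" in
        ""|/var/tmp/*) ;;
        *) note "LOG_FILE=$log is outside /var/tmp; mount its folder in docker-compose.yml" ;;
    esac

    echo "$findings finding(s)"
    return "$findings"   # exit status = number of findings, 0 when clean
}
```

Call check_scansuite_env with no argument to audit ~/apps/scansuite/.env, or pass another path.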

Additionally, several binaries have been created to help with typical administrative activity. These are:

install [6_chars_license_id] – installs and updates ScanSuite and Defect Dojo. Execute it periodically to fetch the updates, or set up a cron job to fetch them automatically. For example:

sudo ./install 6efa34

install also accepts nodojo as a second parameter to skip the Defect Dojo installation or update, and nostatic / nodynamic as a third parameter to skip downloading the static or dynamic scanners, for example, when ScanSuite is not used for both scan types. Possible usages:

sudo ./install 6efa34 nodojo

sudo ./install 6efa34 nodojo nostatic

sudo ./install 6efa34 nodojo nodynamic

Below is an example cron job (execute sudo crontab -e to set one) that performs weekly automatic updates:

0 3 * * 4 cd /home/myuser/apps/scansuite && ./install 6efa34 nodojo > /home/myuser/scansuite-update.log

dojo-password – retrieves the Defect Dojo password from the default ~/apps/django-DefectDojo location and changes the password if required. Note that the password is removed after the DefectDojo restart, so write it down and save it in a secure location.

start-scansuite [number_workers] – starts or restarts ScanSuite with the given number of workers for parallel scanning (default is 2).

services/reset-dojo – wipes the Defect Dojo database in the default location. This will also initiate new admin user generation. Wait a few minutes and execute dojo-password. Do not forget to fetch the new Defect Dojo API key and update the ScanSuite Settings accordingly.

services/reset-scansuite – wipes the ScanSuite database in the default location. This will also initiate new admin user generation; the new admin user will be visible when executing start-scansuite.

services/nginx/certs – place your custom SSL private key and certificate in .pem format here for the ScanSuite web server.

services/nginx/default.conf.template – nginx configuration file. Adjust as required.

services/nginx/scan-dojo.example – example nginx config that enables a reverse proxy for both ScanSuite and Defect Dojo via one ScanSuite nginx instance. This is recommended when custom SSL certificates should be used for Defect Dojo instead of the default self-signed one.
