Setup parameters and services


Last updated 2 months ago

ScanSuite components, such as the database or the message queue, can run on different hosts. In that case, pass the connection strings and credentials via the .env file located in the ~/apps/scansuite folder:

LOG_FILE – the ScanSuite log file; its path must be reachable from inside the container. By default, only /var/tmp is mounted into the container, so adjust docker-compose.yml to mount another folder if the logs should be stored elsewhere.

CELERY_HOST and REDIS_PASSWORD – Redis connection parameters

PS_DATABASE_ – PostgreSQL database connection parameters.

NESSUS_ – Nessus connection parameters.
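A pre-start sanity check for that .env file, added here as an example and not part of ScanSuite itself: it verifies that the file is not group- or world-readable (it holds credentials), that the keys named above are present and non-empty, and that LOG_FILE points under the /var/tmp mount. PS_DATABASE_* and NESSUS_* are checked by prefix only, since their full names are not listed on this page; the sample .env contents in the usage note are constructed.

```shell
# check_scansuite_env FILE
# Returns 0 when FILE passes every check, 1 otherwise; findings go to stderr.
check_scansuite_env() {
    env_file="$1"
    status=0

    # 1. The .env file must exist.
    if [ ! -f "$env_file" ]; then
        echo "missing: $env_file" >&2
        return 1
    fi

    # 2. It contains passwords: group and other must have no access (mode 600).
    #    Columns 5-10 of 'ls -l' output are the group and other permission bits.
    perms=$(ls -ld "$env_file" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "permissions too open on $env_file (group/other bits: $perms)" >&2
        status=1
    fi

    # 3. Every key named on the page must be present with a non-empty value.
    for key in LOG_FILE CELERY_HOST REDIS_PASSWORD; do
        value=$(sed -n "s/^$key=//p" "$env_file" | head -n 1)
        if [ -z "$value" ]; then
            echo "$key is missing or empty" >&2
            status=1
        fi
    done

    # 4. Prefixed keys (PS_DATABASE_*, NESSUS_*): any that are present must not be empty.
    empty=$(grep -E '^(PS_DATABASE_|NESSUS_)[A-Z0-9_]*=$' "$env_file" || true)
    if [ -n "$empty" ]; then
        echo "empty prefixed keys: $(echo "$empty" | tr '\n' ' ')" >&2
        status=1
    fi

    # 5. LOG_FILE should sit under /var/tmp, the only folder mounted by default.
    #    This is a warning only: another path is valid once docker-compose.yml mounts it.
    log_file=$(sed -n 's/^LOG_FILE=//p' "$env_file" | head -n 1)
    case "$log_file" in
        /var/tmp/*) ;;
        *) echo "warning: LOG_FILE=$log_file is outside /var/tmp; mount it in docker-compose.yml" >&2 ;;
    esac

    return $status
}
```

Run it as `check_scansuite_env ~/apps/scansuite/.env` before start-scansuite; a non-zero exit means one of the findings printed to stderr must be fixed first.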

Additionally, several helper binaries are provided for typical administrative tasks. These are:

install [6_chars_license_id] – installs or updates ScanSuite and Defect Dojo. Run it periodically to fetch updates, or set up a cron job to fetch them automatically. For example:

sudo ./install 6efa34

install also accepts nodojo as a second parameter to skip the Defect Dojo installation or update, and nostatic / nodynamic as the second or third parameter to skip downloading the static or dynamic scanners, for example when ScanSuite is not used for both scan types. Possible usages:

sudo ./install 6efa34 nodojo

sudo ./install 6efa34 nostatic

sudo ./install 6efa34 nodynamic

Below is an example cron job (run sudo crontab -e to add one) that sets up weekly auto-updates:

0 3 * * 4 cd /home/USER/apps/scansuite && ./install 6efa34 > /home/USER/scansuite-update.log

start-scansuite [number_workers] – starts or restarts ScanSuite with the given number of workers for parallel scanning (default is 2).

defectdojo/dojo-password – retrieves the Defect Dojo password from the default DefectDojo location and changes it if required. Note that the password is removed after the DefectDojo restart, so write it down and store it in a secure location.

defectdojo/reset-dojo – wipes and recreates the Defect Dojo database in the default location. This also triggers generation of a new admin user. Wait a few minutes and execute dojo-password. Do not forget to fetch the new Defect Dojo API key and update the ScanSuite settings accordingly.

services/reset-scansuite – wipes the ScanSuite database in the default location. This also triggers generation of a new admin user, which is shown when executing start-scansuite.

services/nginx/certs – place your custom SSL private key and certificate (in .pem format) here for the ScanSuite web server.

defectdojo/certs – place your custom SSL private key and certificate (in .pem format) here for the DefectDojo web server.

services/nginx/default.conf.template – nginx configuration file. Adjust as required, e.g. for a non-default SSL certificate location when certificates are managed by certbot.

services/nginx/scan-dojo.example – example nginx config that enables a reverse proxy for both ScanSuite and Defect Dojo through a single ScanSuite nginx instance.