Skip to content

Internal Configuration

The Internal Scan Configuration page allows you to define the scope of your organization's internal attack surface. Any listed assets will be in scope for threat discovery testing.

Scan Frequency

The scan frequency determines how often the system will scan the assets within your defined scope. The default scan frequency is set to once a week. You can adjust this frequency by selecting a different interval using the slider.

Adding a Scan Agent

  1. Navigate to the Scan Agents section.
  2. Click Add Agent.
  3. Enter the name of the asset.
  4. Provide an optional description for better tracking.
  5. Click Save changes to finalize the configuration.

Adding an Internal Asset

  1. Navigate to the Internal Assets section.
  2. Click Add Asset.
  3. Enter the IP address or hostname of the asset.
  4. Provide an optional description for better tracking.
  5. Assign an available scan agent to handle the scans for this asset.
  6. Click Save to finalize the configuration.

Downloading and Configuring the Scan Agent

Downloading the Scan Agent

To install a scan agent, download the appropriate version for your operating system:

  1. Navigate to the Scan Agents section.
  2. Click Download Scan Agent to open the download modal.
  3. Select the appropriate version based on your OS:
  4. macOS:
    • scan_agent_1.5.4_Darwin_arm64.tar.gz
    • scan_agent_1.5.4_Darwin_x86_64.tar.gz
  5. Linux:
    • scan_agent_1.5.4_Linux_arm64.tar.gz
    • scan_agent_1.5.4_Linux_x86_64.tar.gz
  6. Windows:
    • scan_agent_1.5.4_Windows_arm64.zip
    • scan_agent_1.5.4_Windows_x86_64.zip
  7. Once downloaded, extract the package and install the scan agent on an internal system with access to your defined assets.

Windows Installation

For Windows systems, use the provided batch scripts for automated installation:

  1. Download the Windows scan agent package (scan_agent_1.5.4_Windows_x86_64.zip or arm64 version)
  2. Extract the package to your desired installation directory
  3. Run scan_install.bat as Administrator to configure the agent:
  4. Enter your API URL (https://app.radarsecurity.ai/api/agent)
  5. Enter your API key (obtained from the Scan Agents section)
  6. Set your preferred scan time (24-hour format, e.g., 14 for 2 PM)
  7. The installer will:
  8. Create a Windows Scheduled Task for automatic startup
  9. Generate start_agent.bat for manual control
  10. Configure the agent with your API credentials

Manual Control: - Run start_agent.bat to start the agent manually - Press Ctrl+C to stop the agent - Run uninstall_agent.bat to completely remove the agent

Configuring the Scan Agent

When configuring your scan agent, specify the following API endpoint:

https://app.radarsecurity.ai/api/agent

  1. Install the scan agent on the designated internal system.
  2. Get the API Key from the Actions column by clicking the double box copy icon
  3. Configure the scan agent using the API key generated at scan agent creation.
  4. Ensure the scan agent has the necessary network access to the assigned assets.
  5. Start the scan agent process to begin receiving scheduled scan tasks.

Scanner IP Whitelisting

To ensure proper communication with the scan agent, allow outbound connections for the following IP addresses within Web Application Firewalls (WAFs) and network configurations:

  • 18.118.250.171
  • 18.223.4.27
  • 3.128.40.3
  • 3.134.70.93
  • 159.223.122.20
  • 206.189.191.60
  • 159.89.238.128

The scan agent will send a heartbeat every 5 minutes to check in, report its status, and confirm scan schedules, including scan frequency and timing.

Scan Agent Statuses

Scan agents have three possible statuses:

  • Connected: The scan agent is actively communicating with the system and sending heartbeats every 5 minutes.
  • Never Connected: The scan agent has been registered but has never checked in.
  • Offline: The scan agent has missed three consecutive heartbeats, indicating potential connectivity or operational issues.

Running the Scan Agent as a Background Service

To ensure continuous operation, configure the scan agent to run automatically on system startup.

Windows (Automated Setup)

The Windows installation script (scan_install.bat) automatically configures the agent as a background service:

  1. Creates a Windows Scheduled Task named "ScanAgent"
  2. Configures it to run at system startup with highest privileges
  3. Sets up automatic restart on failure

Manual Windows Service Management:

# View scheduled task
schtasks /query /tn "ScanAgent"

# Delete scheduled task
schtasks /delete /tn "ScanAgent" /f

# Start agent manually
start_agent.bat

Linux (systemd Service)

For Linux systems, create a systemd service file:

Service Configuration File (/etc/systemd/system/scan_agent.service)

[Unit]
Description=RADAR Attack Surface Scanner
After=network.target

[Service]
Type=simple
ExecStart=/usr/local/bin/scan_agent
Restart=always
RestartSec=5
StandardOutput=journal
StandardError=journal
Environment="API_KEY=my-secret-api-key"
Environment="API_URL=https://api.example.com"

[Install]
WantedBy=multi-user.target

Service Management Commands:

# Enable and start the service
sudo systemctl enable scan_agent
sudo systemctl start scan_agent

# Check status
sudo systemctl status scan_agent

# View logs
sudo journalctl -u scan_agent -f

# Stop and disable
sudo systemctl stop scan_agent
sudo systemctl disable scan_agent