Threatrix Documentation

Threat Agent - Installation & Scanning

Threatrix Threat Agent is a CLI scanning agent intended for use in situations where you don't want to scan directly from GitHub, GitLab, or other source control management platforms.


Last updated 7 months ago


Getting Ready to Scan

Before running a scan with Threat Agent, create an API key and collect your Organization ID and Entity ID from your profile screen as shown below. These can be set as environment variables or passed directly as arguments to Threat Agent during a scan.

Threat Agent Deployment Types

Threat Agent can be deployed in two ways.

  1. Download and install directly on host - This requires that all your dependency managers are installed on your host, as Threatrix needs them to perform a scan.

  2. Docker Deployment - If you're familiar with Docker and your deployment environment supports it, this is the easiest way to get up and running with our Threat Agent.

Host install and scanning

1. Download Threat Agent CLI

curl -LJO https://github.com/threatrix/threat-matrix/releases/download/agent-release-latest/threat-agent-latest.jar

2. Run Threat Agent CLI

java -jar threat-agent-latest.jar --oid={ORGID} --eid={ENTITYID} --api-key={API_KEY} $PATH_TO_PROJECT

Docker Scanning

sudo docker run --rm --name threatrix-threat-agent -v $(pwd):/app threatrix/threat-agent \
 --oid={ORGID} \
 --eid={ENTITYID} \
 --api-key={API_KEY} $PATH_TO_PROJECT

Command line options

| Argument/Flag | Type | Required/Optional | Description |
|---|---|---|---|
| --app-name | argument | Optional | Set or override the default project name |
| --api-key | argument | Required | API Key from your user profile |
| --api-url | argument | Optional | Threatrix API URL (no need to change unless you have a self-hosted Threatrix server) |
| --oid | argument | Required | OrganizationID from user profile |
| --eid | argument | Required | EntityID from user profile |
| --scpId | argument | Optional | Existing AICertify or CodeCertify projectId |
| --repo-owner | argument | Optional | Repository Owner |
| --repo-name | argument | Optional | Repository Name |
| --branch | argument | Optional | Current Branch |
| --scm | argument | Optional | Indicates the source control management system to which the build is attached. Possible options are GITHUB, GITLAB, BITBUCKET |
| --scm-access-token | argument | Optional | The token required to create pull/merge request scan reports. |
| --verbose | flag | Optional | Activate debugging |
| --progress | flag | Optional | Show progress during scan |
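
An added example, not Threatrix's own code: a POSIX shell wrapper around the host-install command above that checks the required values, the project path and the --scm option before launching the agent, and masks the API key in the command line it logs. The TA_* variable names are assumptions made for this wrapper; the page does not name the environment variables the agent itself reads.

```shell
#!/bin/sh
# Added example (not Threatrix code). TA_ORG_ID, TA_ENTITY_ID, TA_API_KEY and
# TA_SCM are variable names chosen for this wrapper, not names the agent reads.

# Fail closed before the agent starts: required IDs, project path, --scm value.
validate_scan_env() {
  [ -n "${TA_ORG_ID:-}" ]    || { echo "TA_ORG_ID is not set" >&2; return 2; }
  [ -n "${TA_ENTITY_ID:-}" ] || { echo "TA_ENTITY_ID is not set" >&2; return 2; }
  [ -n "${TA_API_KEY:-}" ]   || { echo "TA_API_KEY is not set" >&2; return 2; }
  [ -d "${1:-}" ] || { echo "project path is not a directory: ${1:-}" >&2; return 3; }
  case ${TA_SCM:-} in
    ''|GITHUB|GITLAB|BITBUCKET) ;;   # the three values listed for --scm
    *) echo "unsupported --scm value: $TA_SCM" >&2; return 4 ;;
  esac
}

# Render arguments for logging with the API key value masked.
redact_args() {
  for ta_arg in "$@"; do
    case $ta_arg in
      --api-key=*) printf ' %s' '--api-key=***' ;;
      *)           printf ' %s' "$ta_arg" ;;
    esac
  done
}

# Run the host-installed agent on a project directory.
# The key still appears in the process list while the agent runs; this wrapper
# only keeps it out of scripts, shell history and the logged command line.
run_scan() {
  validate_scan_env "${1:-}" || return
  set -- "--oid=$TA_ORG_ID" "--eid=$TA_ENTITY_ID" "--api-key=$TA_API_KEY" \
         ${TA_SCM:+"--scm=$TA_SCM"} "$1"
  echo "java -jar threat-agent-latest.jar$(redact_args "$@")" >&2
  java -jar threat-agent-latest.jar "$@"
}

# Usage: export the TA_* variables from a secret store, then: run_scan ./my-project
```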