Internal Testing

Security tests behind your firewall


It's common to have internal applications and network devices that should not be exposed to the internet. However default scan engines won't reach them, but Gauntlet do reach them using either a SSH Tunnel or by deploying a Virtual Scan Appliance (VSA) in the internal network.



Register Internal Assets


Gauntlet needs to know that your asset is internal and you can tell it by marking "Isn't an internet facing server/application" when registering your asset.



Use SSH Tunnels


SSH is widely used for encrypted communication and its client is open source. For Windows you can use PuTTY instead. Then we would request you a SSH Public Key. It will be necessary to authenticate your application or server to establish the SSH Tunnel. Once connected the scan will start and you'll see the results in our web interface as usual.



Or a Virtual Scan Appliance (VSA)


On the other hand, you may have many assets, thus SSH Tunnel may not suffice. The other option is to deploy our Virtual Scan Appliance (VSA) that will perform checks directly within your network. Those checks are faster than usual because of the low latency. Then all findings will be reported back to our cloud-based application security platform.



Explore the features