Install Scanning module in your Cloud

Overview

Red Teaming Modules involves sending malicious agentic requests to your (staging) server. By default, these malicious scanning requests are sent from the Red Teaming module installed within Akto Cloud.

There could be multiple reasons why you'd want to install probing module within your Cloud.

Whitelisting Akto's IP in Security Group or WAF isn't an option
The staging server isn't reachable from public domain
The WAF would block most requests (or block Akto's IP)
The Agentic component domain isn't resolvable from public domain
The Agentic component is completely internal

Copy the JWT Token

Login to Akto dashboard at app.akto.io
Go to Quick Start > Hybrid Saas > Click on “Connect” button
Copy the JWT token (marked in red) [ Also referred as Database Abstractor Token later]

You then have to use a Linux VM to install Akto AI Red Teaming module in your cloud manually.

Setup Linux VM

Provision a New VM

Minimum recommended configuration:

Platform: Amazon Linux 2023
CPU: 2 vCPUs
Memory: 4 GB RAM
Disk: 20 GB

Don’t use burstable instances.

Network:
- Private subnet
- connectivity to internet (typically via NAT)
- connectivity to your staging service
Security groups
- Inbound - Open only port 22 for SSH
- Outbound - Open all

SSH into the VM

SSH into this new instance in your Cloud
Run the following command:
```
sudo su -
```

Install Docker & Docker Compose

Install the docker and docker-compose.

Create the Environment File

Create:
```
nano docker-agentic-testing.env
```

Add the following:

ANTHROPIC_API_KEY=<key>
NODE_ENV=production
PORT=5500
AGENTIC_MODE=false
NODE_TLS_REJECT_UNAUTHORIZED=0
USE_SESSION_MANAGEMENT=true

Anthropic API Key Required

You must replace your actual Anthropic API Key in the env file.

You can also reference the original template is here.

Create the Docker Compose File

Create:

nano docker-compose-mini-testing-agentic.yml

Important Requirements

You must replace <your-database-abstractor-token> with the actual Database Abstractor Service Token (JWT) copied from the Step 3 of Copy the JWT Token.
Ensure both files below are in the same directory:
- docker-compose-mini-testing-agentic.yml
- docker-agentic-testing.env

Add the following configuration:

version: '3.8'
services:
  agent-testing:
    container_name: agent-testing
    image: public.ecr.aws/aktosecurity/akto-agentic-testing:latest
    ports:
      - "5500:5500"
    env_file:
      - ./docker-agentic-testing.env
    restart: always

  akto-api-security-testing:
    image: public.ecr.aws/aktosecurity/akto-api-security-mini-testing:latest
    container_name: akto-api-security-testing
    environment:
      RUNTIME_MODE: hybrid
      DATABASE_ABSTRACTOR_SERVICE_TOKEN: <token>
      PUPPETEER_REPLAY_SERVICE_URL: "http://akto-puppeteer-replay:3000"
      MINI_TESTING_NAME: "akto-testing-module"
      AGENT_BASE_URL: "http://agent-testing:5500"
    ports:
      - "8001:8001"
    restart: always

  akto-api-security-puppeteer-replay:
    image: public.ecr.aws/aktosecurity/akto-puppeteer-replay:latest
    container_name: akto-puppeteer-replay
    ports:
      - "3000:3000"
    environment:
      NODE_ENV: production
    restart: always

  watchtower:
    image: containrrr/watchtower
    restart: always
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    environment:
      WATCHTOWER_CLEANUP: true
      WATCHTOWER_POLL_INTERVAL: 1800
    labels:
      com.centurylinklabs.watchtower.enable: "false"

For the reference,the original template is here.

Start the Scanning Module

Run:

docker-compose -f docker-compose-mini-testing-agentic.yml up -d

Run the following command to ensure Docker starts up in case of instance restarts:
```
systemctl enable /usr/lib/systemd/system/docker.service
```

Get Support for your Akto setup

There are multiple ways to request support from Akto. We are 24X7 available on the following:

In-app intercom support. Message us with your query on intercom in Akto dashboard and someone will reply.
Join our discord channel for community support.
Contact [email protected] for email support.
Contact us here.

PreviousEdit Probe Settings NextEphemeral Storage for Hybrid Runtime

Last updated 1 month ago