AQG Filesystem Scanner

The AQG Filesystem Scanner is a command-line application that scans the filesystem or a container image for cryptographic material. The logged information is formatted for analysis by AQtive Guard.

You can run it from the command line, or deploy it using one of our integrations. These integrations use your existing, approved IT infrastructure, allowing for a smoother deployment and quicker time-to-value by bypassing lengthy approval processes.

How to deploy the scanner

Deploy the AQG Filesystem Scanner using the method that best supports your environment and use cases:

Deploy and run the AQG Filesystem Scanner yourself

This option is for users who want to run the scanner manually from the command line, providing granular control over the scan process.

Requirements

  • Windows Server x64
  • Linux x64 and kernel >= 4.0

How it works

Starting from the chosen root location, the AQG Filesystem Scanner visits every file in the directory tree beneath it, recursively descending into all subdirectories without following symbolic links. It tests the initial bytes of each file against a set of detectors for supported formats.

Note

The AQG Filesystem Scanner alters the access timestamp of files but won’t alter the modification and change timestamps. Additionally, the scanner only performs read-only actions, so it won’t lock files for other processes. A file with a mandatory or exclusive lock placed on it by another process will be skipped by the scanner, but the scanner will be able to access and open files with advisory locks on them.

It parses supported files and logs the cryptographic material in a format suitable for analysis by AQtive Guard. No sensitive data, such as private keys, is stored. In the case of encrypted keystores, if a password is provided, the AQG Filesystem Scanner also attempts to decrypt the encrypted portions using that password.
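The traversal and header-matching approach described above can be illustrated with the following sketch. It is an added example, not the AQG Filesystem Scanner's code; the detector names and byte signatures (PEM, JKS, JCEKS, DER, SSH public key) and the 64-byte header length are assumptions, since this page does not list the supported formats.

```python
import os
import stat

# Assumed signatures for illustration; not the scanner's documented detector set.
DETECTORS = [
    ("pem", b"-----BEGIN "),          # PEM-armoured keys and certificates
    ("jks", b"\xfe\xed\xfe\xed"),     # Java KeyStore magic
    ("jceks", b"\xce\xce\xce\xce"),   # JCEKS keystore magic
    ("der-sequence", b"\x30\x82"),    # DER SEQUENCE with a two-byte length
    ("ssh-public-key", b"ssh-"),      # e.g. "ssh-rsa", "ssh-ed25519"
]
HEADER_LEN = 64  # only the initial bytes are read for detection


def detect(header):
    """Return the name of the first detector whose magic prefixes header, else None."""
    for name, magic in DETECTORS:
        if header.startswith(magic):
            return name
    return None


def scan(root):
    """Walk root without following symlinks; return (findings, skipped)."""
    findings, skipped = [], []
    # followlinks=False: symlinked directories are never descended into.
    for dirpath, _dirnames, filenames in os.walk(root, followlinks=False):
        for fname in filenames:
            path = os.path.join(dirpath, fname)
            try:
                # lstat does not resolve links, so symlinked files are ignored too.
                if not stat.S_ISREG(os.lstat(path).st_mode):
                    continue
                with open(path, "rb") as fh:  # read-only open
                    header = fh.read(HEADER_LEN)
            except OSError as exc:
                # Unreadable or exclusively locked files are skipped, not fatal.
                skipped.append((path, exc.strerror))
                continue
            kind = detect(header)
            if kind:
                findings.append((path, kind))
    return sorted(findings), skipped
```

A header match only nominates a file for full parsing; the reported path and format name contain no key material.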

To manually deploy and run the scanner, refer to our documentation for either Windows or Linux.

Use an existing integration for automated deployment

This option is ideal for organizations that already use integrated third-party security platforms. You can leverage these existing integrations to deploy the Filesystem Scanner automatically.

The Filesystem Scanner can be deployed and orchestrated through the following integrations: