Public Repository

Last pushed: a year ago
Short Description
docker repository for Cavirin Systems inc.
Full Description

Cavirin Automated Risk Analysis Platform (ARAP)

Cavirin’s Automated Risk Analysis Platform (ARAP) is a purpose-built, agentless solution that can be quickly deployed as a Docker container and capable of ensuring the security and compliance posture of IT infrastructure resources on private, public, or hybrid clouds. It is capable of discovering the IT assets and brings in deep configuration information that can be evaluated against regulatory guidelines such as PCI, HIPAA, ISO, and SOC. Issues identified as a result of security and compliance scan can exported as reports that includes detailed remediation suggestions. The integration of ARAP with infrastructure platforms such as Chef enables the orchestration of automatic remediation of assets that failed the security scans.

Feature Highlights of ARAP Version 8.4

  1. Automated, deep discovery the IT assets and resources across your private, hybrid, and public clouds, and collection of configuration information that matters in the evaluation of security/compliance posture of the infrastructure as a whole.

  2. Currently Supported public clouds: AWS, Azure

  3. Security Scanning against hardening rules:
    a. AWS Security Hardening Best Practices
    b. Center for Internet Security AWS Foundation Benchmarks

  4. Security scanning of Docker hosts and containers
    a. Center for Internet Security (CIS) Benchmarks for Docker Security.

  5. Policy Packs for regulatory compliance
    a. NIST
    b. HIPAA
    c. PCI
    d. ISO
    e. SOC

Installation Guide for ARAP as a Docker Container

Prerequisites:

Install Docker on any Linux Host. Installation guide

Steps to install
  1. Pull the arap image using the following docker command.

     $ docker pull cavirinsystems/arap:latest
    
  2. Run docker images to check if the required image is downloaded from the repository.

     $ docker images
    
  3. Run the downloaded image using the following command. (-d will make it run in background.)

     $ docker run -P -d cavirinsystems/arap:latest
    
  4. Check the status of running containers using docker ps

     $ docker ps
     CONTAINER ID   IMAGE                         COMMAND          CREATED        STATUS        PORTS                                  
     48a4c91e3677  cavirinsystems/arap:latest  "./arap.sh" 59 seconds ago Up 57 seconds 0.0.0.0:32773->443/tcp 
    
  5. <port number> : note the port number which is mapped to 443 on docker container. ( for eg. 32773 is mapped to 443 as per 0.0.0.0:32773->443/tcp).

Use ARAP
  1. Check the ip of the host on which Docker engine is installed.(if its on local then it will be localhost else check using ifconfig command).

  2. go to the browser and type https://host-ip-address:port/nova for eg. if running docker on local machine then url would be

     https://localhost:32773/nova
    

    note: after running the docker run in step 3 of Steps to install it will take around 7-10 mins for machine to get up and running

Obtaining License for ARAP

To obtain a free, evaluation license, please contact support@cavirin.com with the following mandatory information:

  • Company Name
  • Contact Name
  • Title
  • Email Address
  • Phone Number
Docker Pull Command
Owner
cavirinsystems

Comments (0)