
I’m seeing traffic fuzzing our infrastructure. How can I verify if requests coming to the target web app, APIs or server are from Astra?



If you’re seeing traffic on your server or unexpected requests coming to your website, infra or SaaS application and suspect that it might be from a Pentest or a DAST scanner, Astra provides an easy way to verify this. Follow these steps to determine if the traffic is coming from Astra's scanner.

Steps to Verify Astra Traffic



Log in to your Astra platform using your credentials. Once you’re in the dashboard, proceed with the steps below:

1. Check for Ongoing Vulnerability Scans



Go to the Continuous Scan tab in your Astra platform. Look for any ongoing vulnerability scan. If a scan is in progress, there's a chance the traffic you're seeing is being generated by Astra's scanner.

2. Check for Ongoing Pentest



Similarly, check whether a pentest is in progress, as a pentest can also generate traffic that might appear suspicious.

3. Verify IP Addresses of Requests



To be certain, you can check whether the incoming traffic matches Astra’s IP ranges. Astra provides a list of IP ranges used by its scanners.

Go to the Astra IP Ranges help article.
Search your server's access logs for any IP addresses that match Astra's IP ranges.

If you see requests from these IPs, it confirms that the traffic is coming from Astra, not malicious actors.
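
One way to do the log search in step 3, as an added example that is not Astra's own code: the script checks the client IP of each access-log line against a list of CIDR ranges and counts the requests inside and outside them. The ranges are documentation placeholders (not Astra's real ranges), the log lines are constructed, and it assumes the client IP is the first field, as in the common and combined log formats.

```python
import ipaddress
import sys
from collections import Counter
from pathlib import Path

# PLACEHOLDER ranges (RFC 5737 documentation networks), NOT Astra's real ranges.
# Replace them with the CIDRs listed in the Astra IP Ranges help article.
SCANNER_RANGES = ["192.0.2.0/24", "203.0.113.16/28"]

# Constructed sample lines in combined log format (used when no file is given).
SAMPLE_LOG = """\
192.0.2.45 - - [20/Nov/2024:10:15:01 +0000] "GET /login?id=1 HTTP/1.1" 404 153 "-" "scanner"
198.51.100.7 - - [20/Nov/2024:10:15:02 +0000] "GET /index.html HTTP/1.1" 200 199 "-" "curl/8.4.0"
203.0.113.20 - - [20/Nov/2024:10:15:03 +0000] "POST /api/v1/users HTTP/1.1" 400 87 "-" "scanner"
203.0.113.40 - - [20/Nov/2024:10:15:04 +0000] "GET /about HTTP/1.1" 404 153 "-" "Mozilla/5.0"
not-an-ip - - [20/Nov/2024:10:15:05 +0000] "GET / HTTP/1.1" 200 512 "-" "-"
"""


def classify(log_text, cidrs):
    """Count requests per client IP, split into inside/outside the given CIDRs."""
    networks = [ipaddress.ip_network(c, strict=False) for c in cidrs]
    inside, outside, skipped = Counter(), Counter(), 0
    for line in log_text.splitlines():
        first_field = line.partition(" ")[0]
        try:
            ip = ipaddress.ip_address(first_field)
        except ValueError:
            skipped += 1  # hostname, blank line or malformed entry
            continue
        # A v4 address tested against a v6 network (or vice versa) is simply False.
        bucket = inside if any(ip in net for net in networks) else outside
        bucket[str(ip)] += 1
    return inside, outside, skipped


if __name__ == "__main__":
    # Usage: python check_ranges.py /path/to/access.log  (file name is hypothetical)
    text = Path(sys.argv[1]).read_text(errors="replace") if len(sys.argv) > 1 else SAMPLE_LOG
    inside, outside, skipped = classify(text, SCANNER_RANGES)
    print("Inside listed ranges:")
    for ip, count in inside.most_common():
        print(f"  {ip}  {count} requests")
    print("Outside listed ranges (review separately):")
    for ip, count in outside.most_common():
        print(f"  {ip}  {count} requests")
    print(f"Lines skipped (no parsable IP): {skipped}")
```

If the application sits behind a load balancer or CDN, the first field may be the proxy's address, so run this against a log that records the real client IP.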

4. Add Custom HTTP Headers for Future Scans



If you'd like to distinguish Astra's traffic more clearly in the future, you can configure custom HTTP headers for requests made by Astra’s DAST scanner. This option is not available for pentests, but for DAST scans you can easily add headers to identify the requests.

Click on the target to go to the Settings page.
Navigate to Advanced Settings.
Add the custom Header Name and Header Value you want Astra’s scanner requests to have.

Once configured, Astra’s DAST scanner will send requests with the custom header, making it easier for you to identify them in your access logs.

Updated on: 20/11/2024
