What is Beagle Security Cosmog?
The Cosmog configuration allows you to run security tests for applications in your internal network without having to expose them on the internet.
The Cosmog client installed in your internal network connects with the Cosmog server to establish a secure link between the Beagle Security testing engine and your organization's private network.
A single installation is enough to run tests for all the applications in your internal network. If required, you have the option to set up different profiles, each responsible for a separate internal network or location.
Once you start a security test, the Cosmog server will be ready to accept connections from the on-prem client. All you have to do is start the Cosmog client. Once you initiate the client, a secure encrypted channel is established between Beagle Security and your network. This makes sure that all traffic for the penetration test is end-to-end encrypted and protected.
Adding a profile
Click on your profile dropdown and select Settings
Select Organization --> Cosmog configuration
Click on Add New Profile button
Give it a Profile name, select Bridge IP address, Test IP range and click Save
Bridge IP address – A unique IP address that needs to be assigned for the Cosmog client. Make sure that the IP address is not assigned to any other internal devices or systems.
Test IP range – The IP address/IP range of the application(s) that need to be security tested. It should be specified as CIDR range.
Installation process
For installing the Cosmog client in your network, follow the below procedure:
Click on your profile dropdown and select Settings
Select Cosmog configuration under Organization
Select a Profile and click on the Install button
From the resulting pop-up modal, select the installation type and the platform
Copy the command and run it on your host machine
Note: If your host machine runs on Mint, Ubuntu, etc you can select the Platform as Debian and if it's Fedora, Red Hat, etc you can select Platform as centOS.
How to add an internal application and start a test?
While adding a new application, you can select whether it’s a Public or Internal application
After selecting Internal, you can then select whether it’s a web application or API and provide the Project Name and Application name
Next, select the relevant Cosmog client profile, enter the URL and port number. By default, the port will be selected as 80
Click on the Test button to check the connection
Add user input (if required) and click on the Start test button