Scanner Deployment
Please note that the steps to deploy a Shield scanner has changed. The latest streamlined deployment instructions can be found below.
1
Deploy a Dedicated Shield Scanner
Users should deploy a dedicated Shield scanner (Debian GNU/Linux OS preferred) to install the Shield scanner software on to perform network-based vulnerability scans.
2
Execute the Shield Scanner Installation Script
Navigate to the Deployment page, within the Internal Network tab, and click into the Network-based deployment pane. Enter a location name for the scanner that is going to be deployed, copy the command out of the platform, and execute the script on the machine that has been setup.
3
Confirm the Scanner has been Successfully Linked
Navigate to the Settings page, under the Scanners > Shield tab and confirm that the scanner location deployed is linked to Shield.
Debian GNU/Linux OS Install (Preferred)
To install on a Debian Linux based OS, there is a single script that can be downloaded and executed to install and start the Shield service.Minimum Recommended Specs
Type | Specs |
---|---|
CPU | 4 2GHz cores |
Memory | 8 GB RAM |
Disk Space | 50 GB (not including space used by the host OS) |
Deployment
The consolidated Deployment page has now been configured to provided users with automated scripting to install and link scanners to the specified subscription. To manage all of the deployments for the network-based scanners, please navigate to the Internal Network Deployment page and click into the Network-Based, insert the Location value to generate the single deployment command to install the scanner.
sudo service ShieldCyber.Agent.Shield status
And the output of this command should state that the service is idle:

Network Communications
Please note in order to communicate to the Shield Platform, outbound access over 443/tcp will need to be enabled to the following Shield Cyber API endpoint https://api.shieldcyber.io/api/
Windows OS & MacOS Install
There are limitations installing the Shield scanner on Windows systems. Specifically, to run the scanner, the Windows host needs to have Docker Desktop installed which can only run on Windows workstations. Additionally, the installation process is not as automated as the Linux versions of the deployment. Users with the Windows or MacOS version of the scanner will need to install the Shield service alongside the scanner.Dependencies
To install the Shield scanner successfully on a Mac or Windows 10/11 OS, WSL (Windows only) and Docker Desktop need to be installed and available. Once Docker Desktop is installed, make sure the Docker engine is started before attempting to install the Shield Scanner.Install & Configure the Shield Scanner
- Download and unzip this repository: Shield Scanner
- Unzip the folder contents
- Navigate to the ShieldCyber-REST-API-main folder
- Open the example.env file within a text editor & change the
yourpasswordhere
value and save - Re-name the example.env file to .env
- Open a command prompt as administrator, and navigate to the ShieldCyber-REST-API-main folder
- Install and start the Shield scanner with the following command:
docker compose up -d