Whitelisting requirements for Invicti Standard
Accurate scans of your targets require proper network access configuration. Follow these steps to configure whitelist settings:
Outbound connections
Invicti Standard outbound connections
Ensure that your network infrastructure permits Invicti Standard to establish outbound connections to:
Scope | Destination |
Scanning requests to your Target | IP Address / URL for your Target, including destination port |
VDB Database Download; Update notifications | https://www.invicti.com |
API Calls to the Hawk service for out-of-band vulnerability checking | https://r87.me |
API Calls for Invicti Licensing and Target Management | https://service.invicti.com |
API Calls to the IAST Bridge | https://iast.invicti.com |
Integration with Invicti Enterprise OnDemand (US) | https://www.netsparkercloud.com |
Integration with Invicti Enterprise OnDemand (US2) | https://ie.invicti.com |
Integration with Invicti Enterprise OnDemand (EU) | https://eu.netsparker.cloud |
Integration with Invicti Enterprise OnDemand (CA) | https://ca.netsparker.cloud |
Integration with Acunetix 360 OnLine | https://online.acunetix360.com |
Integration with Invicti Enterprise OnPremises | IP or URL of your Invicti Enterprise Main Installation |
Shark outbound connections
Ensure that your network infrastructure permits any Shark agent deployed in your target web application to establish outbound connections to:
Scope | Destination |
API Calls to the IAST Bridge (default) | https://iast.invicti.com |
Inbound connections
Your target accepting inbound connections
You must ensure that your target's network infrastructure whitelists incoming connections from:
Scope | Source |
Incoming scanning requests | IP or URL of your Invicti Standard Installation |