Traces and Scans
What is a trace? And a scan?
A Trace is a log file containing all the calls made by an application to its cryptographic libraries. It is produced by running the application along with an appropriate Cryptosense Tracer.
A Scan is a file containing a list of cryptographic artifacts discovered by scanning the files on a filesystem using the Cryptosense Filesystem Scanner.
Traces and scans are written in a JSON format suitable for analysis by Cryptosense Analyzer Platform.
How do I get hold of Tracers and Scanners?
If you are a SaaS user, you can download the Java tracer agent and the Filesystem Scanner by logging in to your analyzer.cryptosense.com account, then clicking on the 'Download Tracer' or 'Download Scanner' buttons on the Traces tab.
If you are an on-prem user, your Cryptosense contact will have sent you all the Tracer and Scanner versions that you require.
Do you have sample data?
Yes we do! You can download a sample trace from the Traces tab of a Project once logged into your Analyzer account. From the Dashboard at first login, go to the Projects tab, select a Project, click View Project, then go to the Traces tab. You can use the sample trace to generate your first report .
Making Traces and Scans
How do I get a trace from my application?
To get a trace you need to run the application with the appropriate Tracer installed. Usually you will run the application through some existing test suite like a set of integrations tests, to exercise all the relevant cryptography. For more details, refer to the relevant Tracer manual.
Making Traces can also be automated as part of a CI process. See our Maven and Gradle plugins, for example.
Someone else at my organization will make the trace for me, what should I ask them to do?
We've prepared an email that explains all the details.
How do I make a scan?
You can scan a filesystem or a container image use the Filesystem Scanner. Refer to the Filesystem Scanner manual for more details.
For enterprise customers, making scans can also be automated at scale using the Tanium endpoint manager. Contact Cryptosense sales for more details.
How do I upload my trace?
To upload the trace interactively, after logging in to Cryptosense Analyzer Platform, click on "Upload New" next to the Traces box.
To automate Trace upload, you can use our GraphQL API, either via one of our CI Plugins, the command-line client, or using a tool like curl (see some example Python scripts).
My trace is very big, can I upload it compressed?
Yes, most tracers gzip the trace on the fly and you can upload it in gzipped format. If you already have a large uncompressed trace, you can compress it yourself with gzip and then upload it. You can also upload trace uncompressed, of course.