Scan Central SAST and Docker

Is anyone using Scan Central with Docker?

I am wondering how to go about planning a Scan Central Service.


I have run a proof of concept on a set of VMs. Jimmy Rabon and team seemed to do a great job with the functionality (shame he went to Synopsys).

Anyhow, if I have a couple of VMs running all the time I can see how this works.

But our primary SSC is in Docker with HELM.

The Docker model seems to be that one spins up more resources when you need them (hint - would be great if the SSC could have more workers to scale out!).

So I kind of envisage a pool of Scan Central Clients - except I wouldn't know how to allow the SSC to have an expanding/contracting set of workers.

On WIE it was possible to add sensors dynamically - you didn't need to reboot the instance.

But on SSC it seems very static.

Anyone else running SSC with Scan Central and an elastic set of workers?? Plus - the model is normally:

1 - user sends request to scan

2 - an agent via SSC accepts the job, runs it, and status can be polled via client

3 - run completes, FPR is stored on the agent machine for a period of time - if client doesn't grab result in that time it is discarded

So all of this points to having dedicated servers that run all the time - and this isn't the Docker model - well, not the scale-out model. Cos as soon as the container is destroyed then all the results would go (unless we persist the data, but even if we do that we won't be able to contact the client - it is dead) ... so I don't think it can run that way??

Any thoughts are much appreciated.

Best regards