Topics on this page
Agents can only be installed in Linux environments. Windows is not supported.
Application Security's Python agent is compatible with the following packages:
|Python||3.5 to 3.8|
|Django||2.0 to 3.2|
|Flask||0.11 to 2.0|
|Pyramid||1.6 to 2.0|
|Tornado||5.1 to 6.1
supported on Python 3.6+
Code protection features
The agent can protect WSGI web applications, Tornado applications, and AWS Lambda functions. Additionally, some code protection features have more specific requirements to function properly when enabled, listed in the table below. No dependencies indicates the code protection feature doesn't require specific components.
|Remote Command Execution||
|Remote Command Execution: HTTP Params||
|Illegal File Access||
|Malicious File Upload||
Download the agent
The Python agent is available from the Download page.
Install the agent
To install the agent, follow these steps:
- Add the Application Security package to requirements.txt:
- Run pip to install the package:
pip install -r requirements.txt
- Import the
trend_app_protect.startmodule at the top of your WSGI script:
- Carry out one of the following to configure the agent key and secret:
- Set the
TREND_AP_SECRETenvironment variables. The Key and Secret can be found under Group Settings > Group Credentials.
- Create the
trend_app_protect.inifile. It should be placed either in the root of the project or under
/etc(but the environment variables will still take precedence over the
[trend_app_protect] key = my-key secret = my-secret
- Set the
Configure the agent to communicate with the proper Trend Micro Cloud One region
If you are using a Cloud One region other than 'us-1', you need to configure the agent's connectivity for the region.