A CTAS is a special server that host all Paterva’s OSINT transforms and executes them when requested by Maltego Desktop Client.

CTAS stands for Commercial Transform Application Server.

The CTAS server includes transforms for gathering OSINT from common sources on the Internet which includes querying DNS servers, search engines, social networks, various APIs and other sources. A full list of the transforms that are included with CTAS can be found in our transform guide here.

A private CTAS allows you to host all Paterva’s OSINT 

transforms from within your organization.

CTAS is almost an exact copy of Paterva’s public CTAS except it can be hosted internally within your organisation. This means you can run all Paterva’s standard OSINT transforms without having your requests going over Paterva’s infrastructure.

Why use a private CTAS?

Out-of-the-box Maltego clients use Paterva’s public CTAS server to run transforms that are located on the Internet and used by other Maltego users. A private CTAS is for customers performing sensitive investigations – when they want to keep their transform requests private. Although Paterva will never log the questions asked or their answers when a transform query is run on our public server, some customers still prefer the peace of mind provided by hosting their own copy of our CTAS. You can see what is logged when a transform is run on Paterva's public transform servers here.

A private CTAS also includes a management console where the server status can be viewed as well as other basic server configurations can be performed.

Technical Details

  • CTAS is now delivered in two methods:
    • as a docker image.
    • as a VM image in OVA format which is pre-configured with docker containers. If you want to use the image with other virtual machine providers you’ll need to convert it using the respective converters.
  • The server is delivered as a virtual format that is downloaded on to a computer and no hardware is included.
  • The docker image of the server is a snapshot of container built on a Ubuntu 16.04 LTS base.
  • The VM image in OVA format is built on Ubuntu 18.04 LTS base providing a hassle-free deployment of the docker containers in a hypervisor.
  • The search engine transforms use the Bing Web-Search API & IBM transforms use IBM Watson API. These are paid-for services that are priced (by Microsoft & IBM) according to use. Server administrators should apply for their own API keys as these are not included in the default server image.
  • Hardware Requirements:
    • The virtual server requires at least 2GB of RAM, but the more the merrier.
    • Any modern multi-core processor will have more than enough processing power.
    • 25GB of storage space should be more than enough.
  • Network Requirements:
    • CTAS needs to have Internet access as the transforms running on the server will need to make connections to various online services.
    • CTAS needs the following outgoing ports to be open: 80, 443, 25, and others (data provider specific). This list will increase in the future as more transforms are created and we recommend that you do not limit the server from making outgoing connections to the Internet.
    • Incoming connections need only to be on TCP port 443 and from the various clients IP addresses that wish to use the server.