S4E On-Premises is a self-hosted deployment of the Security For Everyone (S4E) Continuous AI-Based Security Operations platform. It brings the full power of S4E's vulnerability scanning, asset discovery, and threat intelligence capabilities into your own infrastructure — running entirely on Docker Compose on a single Linux server.
Why On-Prem?
Organizations choose S4E On-Prem when they need:
- Data sovereignty — all scan results, asset inventories, and vulnerability data remain within your network.
- Internal scanning — scan private IP ranges, internal domains, and applications behind corporate firewalls that are not reachable from the internet.
- Regulatory compliance — meet mandates (PCI-DSS, ISO 27001, SOC 2) that require data residency controls.
- Air-gapped support — operate in environments with limited or no outbound internet access.
- Custom scaling — size CPU and memory allocations to match your scan volume.
Platform Components
S4E On-Prem runs as a set of Docker containers orchestrated by Docker Compose:
| Layer | Components |
|---|---|
| Web | Frontend application |
| API | Core API, Public API, Admin API, Integration API |
| Real-time | Server-sent event stream, AI assistant |
| Orchestration | Scan trigger, Scheduler, Dispatcher, Scan pre-processor |
| Workers | Vulnerability scanner, Web crawler, Action runner |
| Sync | Template puller (pulls scan templates from S4E Cloud) |
| Tools | Headless browser, PDF converter |
| Data Stores | Relational DB, Cache, Document store, Object storage |
| Messaging | Message broker |
| Management | Template registry, Database UI, Container management UI |
| Proxy | Reverse proxy with TLS termination |
Documentation Sections
| Section | Description |
|---|---|
| Overview | Architecture, deployment model, and differences from the Cloud edition |
| Deployment | System requirements and step-by-step installation guide |
| Configuration | Environment variables, SMTP, DNS, and resource tuning |
| Services | Reference for each microservice |
| Usage | Scanning internal assets, actions & playbooks, monitoring |
| Troubleshooting | Logs, common errors, and recovery procedures |
Quick Start
- Request the setup package from your S4E account representative.
- Review the system requirements.
- Follow the installation guide.
- Add the generated host entries to your DNS or
/etc/hosts. - Log in at
https://app.<your-domain>and start scanning.
Need help?
Contact the S4E team for deployment assistance, or consult the troubleshooting section for common issues.