Add Entrypoints to your Project
Bright provides the following methods of finding Entrypoints. Use links to the relevant articles to get more details.
Crawler
Bright can crawl your web application to define the attack surface. This option does not require any details that might get you tangled. To run a security scan using a crawler, you simply need to specify the target URL in the URL field. Learn more about a Crawler.
.HAR-file
An HTTP Archive File (.HAR file) is a recorded user interaction session with an application. The .HAR file keeps all the HTTP requests and responses between the web client and web application. You can use a pre-recorded .HAR file when running a security scan. Using the data contained in the .HAR file, Bright defines the attack surface and ensures complete coverage of the scan scope. Learn more about .HAR-files in Bright.
API Schema
Bright supports the following API schema versions: Swagger 2+, OpenAPI 3+, and Postman 2+. You don't need an ideal API schema; you can upload the one you have. All you need to do is fix it once. Learn more about API Schemas.
GraphQL Schema file
Bright provides a possibility to specify a GraphQL endpoint link for introspection. Learn more about how to add Entrypoints using GraphQL.
Single Entrypoint
You can manually add a single Entrypoint using an in-app tool and then fix it if it has connectivity problems. Learn more about how to add fix Entrypoints.
Updated 2 months ago