What is Bright DAST?
Build Secure Apps & APIs. Fast.
Bright is a powerful dynamic application & API security testing (DAST) platform. Its automation and integration capabilities allow developers to scan multiple targets, uncover security vulnerabilities with minimal false positives, get detailed reports on every finding, and quickly fix security issues by following the remediation guidelines.
Features
- Automatically Tests Every Aspect of Your Apps & APIs
 Scans any target, whether Web Apps, APIs (REST & SOAP, GraphQL & more) or mobile, providing actionable reports.
- Spin-Up, Configure and Control Scans with Code
 One file. One command. One scan. No UI needed.
- Super-Fast Scans
 Interacts with applications and APIs, instead of just crawling them and guessing. Scans are fast as our AI-powered engine can understand application architecture and generate sophisticated and targeted attacks.
- Minimal False Positives
 Bright keeps false positives to a minimum, letting you focus on real issues and release better code faster.
- Comprehensive Security Testing
 Bright tests for all common vulnerabilities, such as SQL injection, CSRF, XSS, and XXE - as well as uncommon vulnerabilities, such as business logic vulnerabilities.
 
Interaction options
Bright provides the following options for interacting with its engine. All of these can be used for all Bright deployment options (SaaS, private cloud, Repeater mode).
- Bright App – See Quickstart for a quick workflow overview of how to use the Bright App.
- Bright CLI – See Getting Started with Bright CLI for quick instructions on how to start using the Bright CLI.
- Bright REST API – See About Bright API for the reference to the Bright API guide.
Integration capabilities
You can integrate Bright with your development and management tools to simplify and automate the process of testing your applications and APIs. You can start scans, view detailed reports on every detected vulnerability, and resolve security issues without leaving your development environment.
Bright enables you to configure integration with your CI pipelines or ticketing systems by using the Bright App, CLI or API. To simplify access to your Bright account, you can also use the Single Sign-On (SSO) capabilities. Some integrations require valid predefined API keys that you should create in the Bright App.
- To read how to configure SSO integration, see Configure Single Sign-On.
- To read how to configure integration with a CI/CD pipeline, see Integrate Bright with Your CI/CD Pipeline.
- To read how to configure integrations with ticketing systems, communication tools and others, see Integrations Overview.
