Bright is a powerful dynamic application & API security testing (DAST) platform. With its powerful automation and integration capabilities, Bright allows developers to scan multiple targets, uncover security vulnerabilities without false positives, get detailed reports on every finding, and quickly fix security issues by following the remediation guidelines.
- Automatically Tests Every Aspect of Your Apps & APIs
Scans any target, whether Web Apps, APIs (REST. & SOAP, GraphQL & more), Web sockets or mobile, providing actionable reports.
- Spin-Up, Configure and Control Scans with Code
One file. One command. One scan. No UI needed.
- Super-Fast Scans
Interacts with applications and APIs, instead of just crawling them and guessing.
Scans are fast as our AI-powered engine can understand application architecture and generate sophisticated and targeted attacks.
- No False Positives
Stop chasing ghosts and wasting time. Bright doesn’t return false positives, so you can focus on releasing code.
- Comprehensive Security Testing
Bright tests for all common vulnerabilities, such as SQL injection, CSRF, XSS, and XXE - as well as uncommon vulnerabilities, such as business logic vulnerabilities.
Bright provides the following options for interacting with its engine. All of these can be used for all Bright deployment options (SaaS, private cloud, Repeater mode).
- Bright App – See Quickstart for a quick workflow overview of how to use the Bright App.
- Bright CLI – See Getting Started with Bright CLI for a quick instruction on how to start with the Bright CLI.
- Bright REST API – See About Bright API for the reference to the Bright API guide.
You can integrate Bright with your development and management tools to simplify and automate the process of testing your applications and APIs. You can start scans, view detailed reports on every detected vulnerability, as well as solve security issues without leaving your development environment.
Bright enables you to configure integration with your CI pipelines or ticketing systems by using the Bright App, CLI or API. To simplify access the Bright account, you can also use the Single Sign On (SSO) capabilities. Some integrations require valid predefined API keys that you should create in the Bright App.
- To read how to configure SSO integration, see Configure Single Sign-On
- To read how to configure integration with a CI pipeline, see Integrate Bright with Your CI Pipeline
- To read how to configure integration with a ticketing system, see Integrate Bright with Your Ticketing System
Updated 4 months ago