What is Bright DAST?
Build Secure Apps & APIs. Fast.
Bright is a dynamic application & API security testing (DAST) platform. With its powerful automation and integration capabilities, Bright allows developers to scan multiple targets, uncover security vulnerabilities without false positives, get detailed reports on every finding, and quickly fix security issues by following the remediation guidelines.
Features
- Automatically Tests Every Aspect of Your Apps & APIs
  Scans any target, whether Web Apps, APIs (REST & SOAP, GraphQL & more), or mobile, providing actionable reports.
- Spin-Up, Configure, and Control Scans with Code
  One file. One command. One scan. No UI is needed.
- Super-Fast Scans
  Interacts with applications and APIs, instead of just crawling them and guessing.
  Scans are fast as our AI-powered engine can understand application architecture and generate sophisticated and targeted attacks.
- No False Positives
  Stop chasing ghosts and wasting time. Bright doesn’t return false positives, so you can focus on releasing code.
- Comprehensive Security Testing
  Bright tests for all common vulnerabilities, such as SQL injection, CSRF, XSS, and XXE - and uncommon vulnerabilities, such as business logic.
Interaction options
Bright provides the following options for interacting with its engine. These can be used for all Bright deployment options (SaaS, private cloud, Repeater mode).
- Bright App – See Quickstart for a quick workflow overview of using the Bright App.
- Bright CLI – See Getting Started with Bright CLI for quick instructions on how to start with the Bright CLI.
- Bright REST API – See About Bright API for the reference to the Bright API guide.
Integration capabilities
You can integrate Bright with your development and management tools to simplify and automate the process of testing your applications and APIs. You can start scans, view detailed reports on every detected vulnerability, and solve security issues without leaving your development environment.
Bright enables you to configure integration with your CI pipelines or ticketing systems using the Bright App, CLI, or API. To simplify access to the Bright account, you can also use the Single Sign-On (SSO) capabilities. Some integrations require valid predefined API keys that you should create in the Bright App.
- To read how to configure SSO integration, see Configure Single Sign-On
- To read how to configure integration with a CI pipeline, see Integrate Bright with Your CI Pipeline
- To read how to configure integration with a ticketing system, see Integrate Bright with Your Ticketing System