These docs are for v1.1. Click to read the latest docs for v1.2.

Quickstart

Quick Tour of the User Interface

Option Description
   Scans This option enables you to view a list of previously run scans, currently run scans and future scheduled scans. It also allows you to define and schedule new scans, as well as to modify and rerun existing scans.

You can save and reuse a set of scan settings as a template to start another scan quickly. Bright provides you with the option to use one of the standard templates or to create a custom one. For more information see Managing Scan Templates.

   Projects This option enables you to distribute scanning tasks between different teams of your organization as well as to manage scanning and fixing the detected issues within each team. For more information see Managing Projects.
   Authentications This option allows you to create an authentication object and connect it for a scan. The authentication object is designed to grant Bright access to the protected parts of a target application. By using the authentication object, you enable complete coverage of a scan target. For more information see Managing Your Authentications.
   Repeaters A Repeater is a local agent that provides a secure connection between Bright cloud engine and a target on a local network. A Repeater enables you to securely scan targets on a local network without having to whitelist Bright IP address in your firewall. For more information see Managing Repeaters.
   Storage This option enables you to upload files to Bright and to manage your organization’s Bright storage. For more information see Managing Bright File Storage.
   Accounting and
         Billing
This option allows you to manage plan subscriptions, payment details and history. For more information see Accounting and Billing.
   Organization This option enables you to manage organization-level settings and policies. For more information see Managing Your Organization.
   Activity Log This option displays an audit log that shows vulnerability findings as well as user and system actions. The activity log provides multiple links that direct to the scan information across the Bright web application. Each user can only view log items within the scope of their permissions. For more information see Managing Activity Log.

Create / Invite all relevant users to their organization

Description: This step should be performed by the administrator, or skipped if you're entering the existing organization.
Status: optional

Details

Flow:

To start using the Bright app, you need to have an account. The account should be connected with an organization. It's possible to create a new account and organization manually, or get the invitation from your organization's administrator.

  • To create a new account and organization, visit the sign up page and then choose an option from Github, Google or email.
  • To login into your existing account, visit the sign in page and select an option from GitHub, Google, email, or use Single Sign-On (SSO) to join your organization. Bright supports Google, Okta, and Microsoft SSO options.

The maximum amount of users for the Free plan - is 3 persons. For the Enterprise plan, the maximum amount is 50 persons. It's possible to add more if you need, just contact your manager for details. Each user must have a specific role. Bright allows users to select one of the preconfigured roles or customize their own. Users can be organized into groups for easier administration.

To learn general information about user access and organization management, see the following links:

Create a project (target) and provide access/connectivity to the target

Description: This step describes what is a Repeater and how to set it up.
Status: required

Details

Flow:

The Bright Repeater is a scan proxy that provides a secure connection between the Bright Cloud engine and a target on a local network. The Repeater mode enables you to securely scan targets on a local network, without having to allowlist the Bright IP address in your firewall for incoming traffic.

To learn how to start a repeater, or set up a new one, use the Bright app built-in manual: → Quick-start wizard

To learn more about how to define a scan targets, see the following link:

Configure authentication flow

Description: To interact with complex targets, you need to have a well-adjusted authentication flow. This step contains authentication descriptions and manuals.
Status: required

Details

Flow:

The Bright app allows users to use 6 types of authentication:

  1. BBAO - (Browser-Based Form Authentication) - https://docs.brightsec.com/docs/configure-multi-step-browser-based-form-authentication
  2. RBBAO (Recorded Browser-Based Form Authentication) - https://docs.brightsec.com/docs/configure-recorded-browser-based-form-authentication
  3. Header Authentication - https://docs.brightsec.com/docs/configure-header-authentication-in-nexploit
  4. Custom API authentication flow - https://docs.brightsec.com/docs/configure-custom-multi-step-authentication
  5. OpenID Connect (OIDC OAuth) - https://docs.brightsec.com/docs/configure-oidc-connect-oauth
  6. NTLM authentication - https://docs.brightsec.com/docs/configure-ntlm-authentication

To learn how to configure the authentication flow, see the String Interpolation Syntax information below:

To learn more about the authentication types in Bright, see the following link:

Create a scan configuration

Description: Bright provides a variety of different settings for a scan. This step will help you to get familiar with the settings.
Status: required

Details

Flow:

  1. Choose and configure discovery type (Crawler and/or HAR / API)

    The Bright app interacts with a target using entrypoints. There are 3 ways to distribute entrypoints to the Bright app.
  2. Select tests:

    All tests are merged into buckets to ease the process of configuring a scan.
    Client-side attacks - Attacks targeting client UI and client-side code to steal user cookies impersonate the user and perform actions on his behalf.
    Server-side attacks - Attacks trying to exploit server-side architecture and code.
    API attacks - Attacks targeting API-based infrastructure and attempting to override API mechanisms and logic or run backend code.
    Legacy attacks - Attacks that haven't been widely exploited in the wild in recent times.
    CVE tests - Passive CVE signature-based tests
    Advanced / Harmful attacks - Attacks potentially causing a temporary disruption to the backend infrastructure. Use with caution and don’t target against production environments.
    Business logic attacks - Attacks attempting to bypass application logic's constraints, and manipulate legitimate functionality to achieve a malicious goal. Tests may lead to false positive findings.

    📘

    Note:

    To learn more about vulnerabilities and its remediations, see Vulnerability Guide.

  3. Run a scan and wait for the results

To learn how to create and configure a new scan, see the following link:

Analyze results & improve the configuration and run the next scan

Description: To make sure your next scan will be better than the previous one, use our FAQs to adjust the settings. Also, this step describes how to export customizable reports from the Bright app.
Status: required

Details **Flow:**

Create and download a scan report - https://docs.brightsec.com/docs/exporting-a-scan
Bright allows users to export scan reports and all projects' data. Reports are fully customizable and can be aligned with a variety of requirements.

To learn how to adjust the reports, see the following links:

To learn how to adjust a scan to have better results, see the following links: