Dynamic Application Security Testing (DAST)
Test and Improve Web-Application Security with FortiDAST
Download Data Sheet View Live Demo
Overview
FortiDAST performs automated black-box dynamic application security testing of web applications to identify vulnerabilities that bad actors may exploit. FortiDAST combines advanced crawling technology with FortiGuard Labs’ extensive threat research and knowledge base to test target applications against OWASP Top 10 and other vulnerabilities. Designed for Development, DevOps and Security teams, FortiDAST generates full details on vulnerabilities found - prioritized by threat scores computed from CVSS values – and provides guidance for their effective remediation.
How It Works
FortiDAST employs a powerful crawler and expert-designed fuzzers to crawl and test your web applications for vulnerabilities, simulating tactics threat actors would take in the real world.
Deployment Flexibility
FortiDAST provides multiple deployment options to best fit your organization's needs.
Want Full CI/CD Pipeline Coverage?
Fortinet provides DevSecOps teams with vulnerability scanning solutions to cover the entire CI/CD pipeline or Software Development Life Cycle (SDLC). Customers can choose FortiDevSec (integrated with FortiDAST) for scanning of applications both in development and production phases. FortiDAST is also natively integrated with major CI/CD tools.
Features and Benefits
BLACK-BOX TESTING
Automate front-end or black-box testing of web apps against OWASP Top 10 and other vulnerabilities
ADVANCED CRAWLING
Use advanced crawling to reach and scan all web application branches and pathways
VULNERABILITY SCANNING
Find run-time application security issues and bugs
RISK ANALYSIS
Analyze threats and misconfigurations that pose risk based on threat scores calculated from CVSS values
FUZZER EXPERTISE
Get top efficacy using fuzzers and tests skillfully written by Fortinet experts
CI/CD COVERAGE
Get full CI/CD lifecycle coverage through native integration with major tools and FortiDevSec
FortiDAST Use Cases
Scan important web applications for critical vulnerabilities that may expose risk to your organization.
Test Web Applications
Proactively protect web applications with automated scanning to identify and prioritize vulnerabilities, including the OWASP Top 10. Receive guidance for remediation.
Integrate With CI/CD
Combine FortiDAST with major CI/CD tools including FortiDevSec for full-lifecycle testing.
Full Dashboard Visibility
FortiDAST provides a simple, intuitive console for comprehensive visibility into scheduled scans and scan results across your targeted web applications.
Advanced Crawler
FortiDAST employs an advanced crawler to explore all branches and pathways present in web applications. In addition, FortiDAST supports authenticated crawling.
360 View of Scan Activity and Results
Granular reporting on scan results gives DevSecOps members the insights needed for insights on specific web applications.
Prioritization of Vulnerabilities
FortiDAST helps you prioritize remediation based on risk rankings of vulnerabilities identified through testing.
Report Generation
Generate reports on the fly for informing leadership of vulnerabilities in web applications and associated risk. Provide reporting to auditors for demonstrating compliance.
Powerful Scanning, Affordably Priced
Fortinet provides effective and affordable vulnerability scanning for your most important web applications.
$3,000
(1 Year)
✓ 10 FQDNs
✓ Unlimited Scans
Cloud Security
The most effective security requires cross-cloud visibility. Fortinet Cloud Security Solutions allow you the necessary visibility and control across cloud infrastructures, enabling secure applications and connectivity in your data center and across your cloud resources while maximizing the benefits of cloud computing.
查看更多解決方案手冊、eBook、產品資料表、分析師報告。 Go to Resource Center >
Learn more about FortiDAST 聯絡我們 >
