Skip to main content

Veracode DAST Essentials

Veracode DAST Essentials is a Dynamic Application Security Testing (DAST) solution that you use to quickly assess the security risks of your web applications and APIs. The assessment identifies vulnerabilities in your web applications or APIs and provides guidance for you to mitigate these vulnerabilities and prevent future attacks.

To get started, see the DAST Essentials quickstart and review the FAQs.

You can also scan web applications and scan APIs with Dynamic Analysis in the Veracode Platform and using the REST APIs.

Benefits

You can use DAST Essentials to:

  • Gain comprehensive visibility into your application attack surface with DAST Essentials. It integrates with EASM to analyze web application perimeters and identify web applications within defined IP address ranges or known hosts.
  • Continuously scan for vulnerabilities and monitor flaws real-time.
  • Greater scan setup flexibility, including scanner selection and AI-Assisted Login capabilities for complex authentication.
  • Define and manage policies for securing your web applications and APIs.
  • View analysis results that you can use to make informed plans, communicate performance metrics, and produce the evidence necessary to meet regulatory requirements.
  • Work efficiently with a modern, intuitive user experience built for streamlined security workflows.

Prerequisites

Before using DAST Essentials, ensure you meet the prerequisites.

Discover assets

To discover your organization's web applications and APIs that you can scan with DAST Essentials, use Veracode EASM. EASM is integrated with DAST Essentials.

Access DAST Essentials

To access DAST Essentials, sign in to the Veracode Platform and select Scans and Analysis > DAST Essentials. Then, create an analysis.

You can also automate dynamic scanning tasks using the REST API. For additional testing coverage of your web applications and APIs, consider contacting Veracode to schedule penetration testing on your assets.

Scan internal web apps and APIs

To analyze web applications and APIs behind a firewall, set up Internal Scanning Management (ISM).

Last updated on