Dynamic Analysis Glossary of Terms

Dynamic Analysis

This table of terms helps you understand the basic concepts and terminology we use when scanning with Dynamic Analysis.

The goal of Dynamic Analysis is to scan your web applications or API specifications for vulnerabilities. A Dynamic Analysis is a container of one or more web application URLs or API specifications. Each Dynamic Analysis has a default configuration that you can customize. You can also configure application-specific settings for each URL or API endpoint, such as login settings.

Term Definition
Dynamic Analysis The scan of one or more web application URLs or API endpoints.
Dynamic Analysis Blocklist A list of URLs that you do not want the Dynamic Analysis to scan.

Note: The URLs that you add to the blocklist at the URL-specific level take precedence over the URLs in this blocklist. For example, if you blocklist a URL in your URL configuration, but not in the configuration of the whole Dynamic Analysis, the URL configuration blocklist determines which URLs are scanned or not.

Dynamic Analysis Configuration The general configuration settings for a Dynamic Analysis. It includes blocklisted URLs and user agent strings.
URL Configuration The detailed configuration of a specific URL in an occurrence of a Dynamic Analysis. It includes URL blocklists and allowlists, login settings, and user agent details.
Vulnerability An exploitable weakness found during a Dynamic Analysis scan.