Veracode Dynamic Analysis is a Dynamic Application Security Testing (DAST) solution that delivers an automated and scalable dynamic scanning capability that enables broad coverage at speed. You can scan web applications or API specifications.
You can use Dynamic Analysis to:
- Run security tests against live web applications in the late stages of development, such as test or quality assurance, or applications in production.
- Scan API specifications to test the security of your API endpoints.
You access Dynamic Analysis from the Veracode Platform. Veracode also provides Dynamic Analysis REST APIs to automate dynamic scanning tasks.
Dynamic scans detect potential attack points by crawling web applications and API specifications and checking for vulnerabilities that put the applications at risk of attack.
Veracode Dynamic Analysis integrates with Veracode Discovery, which analyzes web application perimeters and searches for web applications within a defined IP address range or list of known hosts. Veracode also provides Veracode Internal Scanning Management (ISM) to access applications and API specifications behind a firewall.