Quick Clip: Dynamic Application Security Testing (DAST) Scans With the Context Developers Need

Transcript:

We show you the type of attack, or rather the type of vulnerability, the component, and how many times it occurred. Here, the alert, again, while it shows you things like the resolution and the references, the path that it existed in, the method in which this was invoked, there’s some actual cool stuff that we show here on the right hand side. We collect things like the method. In this case, it was a post. The confidence level, the evidence, but we also show you the request and response. Here you can see what the request header was, the request body, the response header, as well as the response body. Now from a developer’s perspective, if they wanted to replay this, we provide this really nifty command, or rather curl command. When you click this, you actually get a curl command with the actual post url, as well as all the header parameters that were passed to it to be able to simulate this on your local development environment. This makes it very easy for the developer to be able to see what’s going on.