LogoLogo
Book a Demo
  • Introduction
  • Getting Started
    • Install
    • Configuration - General
    • Configuration - Code
    • Configuration - Dependencies
    • Configuration - Containers
    • Configuration - Secrets
    • Configuration - Attack Surface Monitoring
  • Features
    • Code Scanning
      • Custom Rules
      • Supported Languages
    • Dependency Scanning
      • Supported Package Managers
    • Secrets Scanning
      • Supported Secret Types
      • Confidential Information
    • Web App Penetration Testing
      • Quickstart
      • Supported Applications
      • Apps in Private Networks
      • Custom Rules
    • Orchestration
  • Integrations
    • GitHub
      • Repository Issue Dashboards
    • Bitbucket
      • Repository Dashboards
    • Slack
      • Install
    • Jira
      • Install
      • Configuration
      • Assignee
      • Priorities
      • Manual Ticket Creation
    • AWS
      • Prerequisites
      • Configuration
  • API Reference
    • Nullify API
      • Authentication
      • Pagination
      • Admin
      • Code Scanning (SAST)
      • Dependency Scanning (SCA)
      • Secrets Scanning
      • Dynamic Scanning (DAST)
  • Enterprise Tier
    • GitHub Install
    • Azure DevOps Install
  • More Info
    • About Us
    • Latest Updates
    • Security
    • Data Handling Policy
Powered by GitBook

© 2023 Nullify | All Rights Reserved.

On this page

Was this helpful?

  1. Features

Web App Penetration Testing

PreviousConfidential InformationNextQuickstart

Last updated 7 months ago

Was this helpful?

API DAST (Dynamic Application Security Testing) scans your application from the outside, simulating real-world attacks to find vulnerabilities.

This approach helps identify vulnerabilities that may be missed by static code scans, such as runtime issues, configuration errors, and authentication problems. By performing DAST scanning, you can ensure a more comprehensive security assessment of your API endpoints.

Nullify DAST can be integrated into CI/CD pipelines for continuous dynamic scanning by adding a DAST scan step in your pipeline configuration. This ensures that every code change is dynamically tested for vulnerabilities before deployment.

For one-off scans, you can manually trigger a DAST scan using the Nullify CLI or web dashboard, providing flexibility to test specific API endpoints as needed.

Follow the to get started with API testing.

Quickstart guide