DAST (Dynamic Application Security Testing)
Checkmarx DAST (Dynamic Application Security Testing) is a language-agnostic security testing tool designed to identify vulnerabilities and security flaws in web applications and APIs by simulating real-world attacks. Integrate and automate DAST as part of your CI/CD process to ensure your applications are always dynamically tested in your runtime environment before being pushed to production.
DAST identifies vulnerabilities that attackers may exploit so that they can be fixed before real-world attackers exploit them, saving time and money on repairs after a potential attack. DAST is useful for detecting server or database misconfigurations that affect web application security during runtime, and it can also catch authentication and encryption issues that allow unauthorized access.
Use Checkmarx DAST to enhance the security of your web applications and APIs and conduct dynamic tests to identify and address vulnerabilities not apparent in static code analysis. Quickly prevent potential security breaches and data leaks, protect your organization's sensitive information, and maintain your customers' trust.
Five competitive benefits of using Checkmarx DAST include:
- Real-time Analysis: Checkmarx DAST evaluates applications while running, providing up-to-date results and detecting vulnerabilities that might arise due to recent changes or updates.
- Accuracy: Checkmarx DAST's advanced scanning capabilities help reduce false positives, ensuring that identified vulnerabilities are legitimate security risks that require attention.
- Comprehensive Coverage: Checkmarx DAST covers a wide range of web applications and API frameworks, enabling you to assess various parts of your applications effectively.
- Integration Capabilities: Checkmarx DAST seamlessly integrates with existing development and security workflows, making it easier for teams to incorporate security testing into their development process.
- Reporting and Analytics: Checkmarx DAST offers detailed reports and analytics, helping you better understand the security posture of your applications and prioritize remediation efforts efficiently.
To execute various actions in DAST, a user needs to be assigned one of the following permissions:
- dast-admin - Manage Environments and Scans, update results, and execute other actions in DAST.
- dast-update-scan - Update a Scan's properties in DAST.
- dast-update-results - Update results in DAST (severity, comments, etc.).
- dast-create-scan - Create a new Scan in DAST.
- dast-delete-scan - Delete a Scan in DAST.
- dast-update-environment - Update an Environment in DAST.
- dast-create-environment - Create a new Environment in DAST.
- dast-external-scans - CI/CD user for executing actions related to External Workers.
- dast-delete-environment - Delete an Environment in DAST.
- dast-cancel-scan - Cancel a Scan in DAST.
Customer may not use the service in any manner that:
- Is malicious or breaches any law or regulation;
- Infringes any third party's rights, including but not limited to intellectual property rights;
- Causes injury or damage to Checkmarx or any other person or entity;
- Scans or tests any server, site, or application that is not owned or controlled by Customer;
- Scans or tests any live production environment without the express knowledge of, and permission from, the owner(s) and operator(s) of the environment(s);
- Results in unauthorized access to a third party's data, systems, or assets;
- Disrupts, damages, disables, circumvents, or overburdens any aspect of the Service or any third party's systems or IT infrastructure;
- Violates any of the terms and conditions of any legal agreement between Customer and any other person or entity; or
- Would create liability for Checkmarx or its affiliates.
The customer represents and warrants that:
- Use of the tool by Customer or its users shall not violate this AUP;
- Each user of the tool has the authority to initiate scanning of the systems and assets selected;
- The customer is solely responsible for any outcomes from using the tool, including but not limited to disruption to or compromise of systems, corruption to or loss of data; and
- Customer maintains sufficient backup and disaster recovery procedures in case of any system compromise or business interruption arising from the Customer's use of the tool.
By using the DAST tool, the Customer acknowledges that use of the DAST tool is inherently risky and may cause significant disruptions or other negative effects to the systems or assets scanned. Customer agrees to indemnify, defend and hold harmless Checkmarx and its Affiliates, directors, officers, employees, and agents from and against any and all claims, demands, suits, losses, costs, expenses, fines, penalties, damages, or liabilities which arise from or relate to any use of the tool in violation of this AUP by Customer or its users. Customer agrees to promptly notify Checkmarx in the event of any known claims, demands, or potential liabilities arising out of Customer's use of the tool.