DAST (Dynamic Application Security Testing)

Checkmarx DAST (Dynamic Application Security Testing) is a language-agnostic security testing tool designed to identify vulnerabilities and security flaws in web applications and APIs by simulating real-world attacks. Integrate and automate DAST as part of your CI/CD process to ensure your applications are always dynamically tested in your runtime environment before being pushed to production.

DAST identifies vulnerabilities in the code that attackers may exploit so that they can be fixed before real-world attackers exploit them, saving time and money on repairs after a potential attack. DAST is useful for detecting server or database misconfigurations that affect web application security during runtime, and it can also catch authentication and encryption issues that allow unauthorized access.

Use Checkmarx DAST to enhance the security of your web applications and APIs and conduct dynamic tests to identify and address vulnerabilities not apparent in static code analysis. Quickly prevent potential security breaches and data leaks, protect your organization's sensitive information, and maintain your customers' trust.

Five competitive benefits of using Checkmarx DAST include:

  • Real-time Analysis: Checkmarx DAST evaluates applications while running, providing up-to-date results and detecting vulnerabilities that might arise due to recent changes or updates.

  • Accuracy: Checkmarx DAST's advanced scanning capabilities help reduce false positives, ensuring that identified vulnerabilities are legitimate security risks that require attention.

  • Comprehensive Coverage: Checkmarx DAST covers a wide range of web applications and API frameworks, enabling you to assess various parts of your applications effectively.

  • Integration Capabilities: Checkmarx DAST seamlessly integrates with existing development and security workflows, making it easier for teams to incorporate security testing into their development process.

  • Reporting and Analytics: Checkmarx DAST offers detailed reports and analytics, helping you better understand the security posture of your applications and prioritize remediation efforts efficiently.


To execute various actions in DAST, a user needs to be assigned one of the following permissions:

  • dast-admin - Manage Environments and Scans, update results, and execute other actions in DAST.

  • dast-update-scan - Update a Scan's properties in DAST.

  • dast-update-results - Update results in DAST (severity, comments, etc.).

  • dast-create-scan - Create a new Scan in DAST.

  • dast-delete-scan - Delete a Scan in DAST.

  • dast-update-environment - Update an Environment in DAST.

  • dast-create-environment - Create a new Environment in DAST.

  • dast-external-scans - CI/CD user for executing actions related to External Workers.

  • dast-delete-environment - Delete an Environment in DAST.

  • dast-cancel-scan - Cancel a Scan in DAST.