DAST Scanner: New features and improvements
2024-4-17 17:54:7 Author: securityboulevard.com(查看原文) 阅读量:3 收藏

DAST Scanner: New features and improvements

We are excited to announce the updates to our DAST scanner, helping you achieve improved performance and obtain better results when testing your APIs.

What's new

  • OpenAPI specification merging: Escape now supports the merging of OpenAPI Specifications. This is especially handy for specs that utilize external component references or are divided into smaller segments, commonly found in micro-services architectures.
  • Simplified advanced settings: We’ve revamped the advanced configuration settings in Escape. The new user interface makes it easier to configure scan environment networks and authentication methods, complete with detailed validation logs.
  • New step-by-step coverage improvements: You can now understand how to improve the scan quality, step by step. Indeed, the health score of your scanned apps is only useful if the DAST is properly configured.

Why?

Here are the key benefits of Escape's new DAST features :

  • Simplified API management: Security engineers often handle complex API architectures, especially in systems designed with microservices. Merging multiple OpenAPI specifications into a single, coherent spec reduces complexity and the risk of overlooking security loopholes.
  • Improved security testing accuracy: By having a unified view of the APIs, security tests can be more comprehensive, covering interactions and dependencies that may be missed when specs are scattered.
  • Optimized test configurations: Security engineers can now follow step-by-step guidance to configure Escape's DAST scanner more effectively, ensuring that the setup is optimal for detecting vulnerabilities.
  • Enhanced control and visibility: The enhanced UI gives security engineers better control over the scanning process and clearer visibility into the configurations, which helps in maintaining high standards of security practices across the board.

Getting started

Specification merging

  • Go to your security scan -> Settings -> Schema and upload multiple OpenAPI files to merge them into a single specification:
DAST Scanner: New features and improvements
Upload multiple OpenAPI files

Advanced configuration

To set up advanced configuration settings for your scans, go to your security scan -> Settings and choose a relevant tab:

DAST Scanner: New features and improvements
Network configuration
DAST Scanner: New features and improvements
Expert scan configuration

You can learn more about expert usage in our documentation.

With these new updates, you should obtain better results when testing your APIs. Try it out for yourself, and let us know what you think in our Slack community!

💡 Check out more product updates below:

*** This is a Security Bloggers Network syndicated blog from Escape - The API Security Blog authored by Alexandra Charikova. Read the original post at: https://escape.tech/blog/dast-product-updates/


文章来源: https://securityboulevard.com/2024/04/dast-scanner-new-features-and-improvements/
如有侵权请联系:admin#unsafe.sh