ScanCentral DAST with Two-factor Authentication
The following diagram illustrates the Fortify ScanCentral DAST architecture when the optional two-factor authentication server is deployed.
DAST 2FA Server
The ScanCentral DAST 2FA Server Docker image provides support for scans that require two-factor authentication. The 2FA Server container communicates with the following components:
- DAST API to generate the QR code used to register a mobile phone for two-factor authentication
- Global Service to indicate that the 2FA Server is up and running
- Fortify WebInspect sensor to process two-factor authentication requests and responses
Installation Recommendation
Fortify recommends that you run the 2FA Server on a host or VM that is separate from any other ScanCentral DAST component—DAST API, DAST Global Service, DAST Utility Service, or DAST sensor.
2FA Server Versions
The image is available for both Windows and Linux operating systems. The image names are as follows:
- Windows – fortify-2fa:23.1.nanoserver.1809
- Red Hat Linux – fortify-2fa:23.1.ubi.8