DAST (Dynamic Application Security Testing) Analysis Tool

Application Security
- Fortify
  Application Security
  
  Build secure software fast with an application security platform that automates testing throughout the CI/CD pipeline to enable developers to quickly resolve issues.
  
  Use Cases
  Developer-Driven Security
  
  DevSecOps
  
  Enterprise DAST
  
  Integrating Security into the CI/CD Pipeline
  
  Reducing Software Risk
  
  Scale Secure Software
- Fortify on Demand
- Integration Ecosystem
- Marketplace
- Software Composition Analysis
- Software Security Center
- Static Code Analyzer
- WebInspect
Artificial Intelligence
- Interset
  Artificial Intelligence
  
  Interset augments human intelligence with machine intelligence to strengthen your cyber resilience.
- Interset
Data Privacy and Protection
- Voltage
  Data Privacy and Protection
  
  Discover, analyze, and protect sensitive structured and unstructured data, reduce breach risk, and enable data usability with privacy across hybrid IT.
  
  Use Cases
  Acceleration to the Cloud
  
  Data Privacy and Regulatory Pressures
  
  IT Modernization
- Unstructured Data
  File Analysis Suite
  File Analysis Suite
  
  Data Access
  
  Data Discovery
  
  Data Management
- SecureMail
- SmartCipher
- Structured Data
  SecureData Enterprise
  SecureData Enterprise
  
  Big Data
  
  Cloud
  
  Payments
  
  Sentry
- Structured Data Manager
Identity and Access Management
- NetIQ
  Identity and Access Management
  
  Our adaptive identity-centric expertise gives you an integrated platform for identity, access, and privilege management that drives your modern IT ecosystem.
  
  Use Cases
  Access and Advanced Authentication
  
  Identity Goverance
  
  Least Privilege Access
  
  Policy Unification
- Access Management
  Access Management
  
  Access Manager
  
  Advanced Authentication
  
  Risk Service
  
  Secure API Manager
  
  SecureLogin
  
  Self Service Password Reset
- Identity Governance and Administration
  Identity Governance and Adminstration
  
  Data Access Governance
  
  Identity Governance
  
  Identity Manager
- Privilege Management
  Privilege Management
  
  AD Bridge
  
  Directory and Resource Administrator
  
  Privileged Account Manager
- Delegated Administration
  Delegated Administration
  
  Change Guardian
  
  Directory and Resource Administrator
  
  Group Policy Administrator
  
  Policy Compliance Assessor
  
  Secure Configuration Manager
  
  Security Solutions for IBM i
  
  Universal Policy Administrator
Security Operations
- ArcSight
  Security Operations
  
  A security analytics-powered resilient SOC that intelligently adapts to talent shortages by sharpening resource focus with faster, more accurate threat detection of both known and unknown threats.
  
  Use Cases
  Exposure Time Reduction
  
  Operational Efficiency
  
  People-Centric Attack Mitigation
  
  Pre-emptive Threat Detection
  
  SecOps Compliance
- Enterprise Security Manager
- Intelligence
- Marketplace
- MITRE ATT&CK Framework
- Recon
- Security Open Data Platform
- Security Orchestration Automation and Response
- Sentinel
Products A-Z
Certifications and Standards
Documentation

Fortify WebInspect

Find and fix exploitable web application vulnerabilities with automated dynamic application security testing (DAST).

Secure DevOps with automated DAST

WebInspect provides the industry’s most mature dynamic web application testing solution, with the breadth of coverage needed to support both legacy and modern application types. This foundational coverage can be extended into pipelines to support nearly limitless integrations.

Meet compliance standards

Meet security compliance standards with pre-configured policies and reports for major compliance regulations, including PCI DSS, DISA STIG, NIST 800-53, ISO 27K, OWASP, and HIPAA.

Crawl modern frameworks and APIs

Scan basic APIs in seconds with support for OpenAPI (Swagger). For more advanced API scanning scenarios, use WebInspect’s Postman integration to support unique workflows, complicated authentication, and custom parameter requirements.

Manage AppSec risk at scale

Leverage support for dynamic analysis at scale with key tactical features such as automatic macro generation, Selenium support, and containerization. Enjoy enterprise capabilities such as scan orchestration, collaboration, and powerful API coverage for extending dynamic analysis into your pipeline where and how you see fit.

Shift DAST left

Leverage our prebuilt scan policies, or build your own policies that balance the need for speed with your organizational requirements. Use incremental scanning to rapidly assess vulnerabilities in changed areas of the application, or leverage QA scripts for highly targeted scanning.

WebInspect free trial

Start your 15-day trial of WebInspect to access comprehensive dynamic analysis of complex web applications and services. All WebInspect features are enabled in your trial. Set up scans in our test app, generate reports, view scan results, and more.

Your browser is not supported

Fortify

Interset

Voltage

NetIQ

ArcSight

Fortify

Fortify

Interset

Voltage

Voltage

NetIQ

NetIQ

ArcSight

ArcSight

Fortify WebInspect

Secure DevOps with automated DAST

Meet compliance standards

Crawl modern frameworks and APIs

Manage AppSec risk at scale

Shift DAST left

Customer Success Stories

Doctors On Demand

Equifax

SAP

Related Resources

Fortify Ranked #1 in Gartner Critical Capabilities Report

Application Security Risk Report

5 Reasons Why SAST+DAST Makes Sense

What is DAST?

Coca-Cola FEMSA

Fortify Ranked #1 in Gartner Critical Capabilities Report

Application Security Risk Report

5 Reasons Why SAST+DAST Makes Sense

What is DAST?

Coca-Cola FEMSA

Related Products

Fortify Application Security

Fortify Static Code Analyzer

Fortify on Demand

Fortify Software Security Center

WebInspect free trial