Why OpenText
Why OpenText
Overview Why OpenText
OpenText brings decades of expertise to help you unlock data, connect people and processes, and fuel AI with trust
Manage and connect data
Unify data seamlessly across your enterprise to eliminate silos, improve collaboration, and reduce risks
AI-ready information
Get AI-ready and transform your data into structured, accessible, optimized information
Built-in security and compliance
Meet regulatory and compliance requirements and protect your information throughout its lifecycle
Empowering people
Overview Empowering people
OpenText helps people manage content, automate work, use AI, and collaborate to boost productivity
Customers
See how thousands of companies around the world are succeeding with innovative solutions from OpenText™
Employees
Our people are our greatest asset; they are the life of the OpenText brand and values
Corporate Responsibility
Learn how we aspire to advance societal goals and accelerate positive change
Partners
Find a highly skilled OpenText partner with the right solution to enable digital transformation
How we compare
Content Management
Service Management
Deploy anywhere
Overview Deployment options
Explore scalable and flexible deployment options for global organizations of any size
Sovereign cloud
Local control. Global scale. Trusted AI
Private cloud
Your cloud, your control
On-premises
Free up resources, optimize performance and rapidly address issues
Public cloud
Run anywhere and scale globally in the public cloud of your choice
Aviator AI
Overview Aviator AI
See information in new ways
OpenText™ Aviator AI
AI that understands your business, your data, and your goals
OpenText™ MyAviator
Say hello to faster decisions. Your secure personal AI assistant is ready to get to work
OpenText™ Business Network Aviator
Gain better insights with generative AI for supply chains
OpenText™ Content Aviator
Power work with AI content management and an intelligent AI content assistant
OpenText™ Cybersecurity Aviator
Improve your security posture with AI cybersecurity and agile threat detection
OpenText™ DevOps Aviator
Enable faster app delivery, development, and automated software testing
OpenText™ Experience Aviator
Elevate customer communications and experiences for customer success
OpenText™ Service Management Aviator
Empower users, service agents, and IT staff to find the answers they need
Aviator AI
Overview Aviator AI
See information in new ways
OpenText™ Aviator AI
AI that understands your business, your data, and your goals
OpenText™ MyAviator
Say hello to faster decisions. Your secure personal AI assistant is ready to get to work
OpenText™ Business Network Aviator
Gain better insights with generative AI for supply chains
OpenText™ Content Aviator
Power work with AI content management and an intelligent AI content assistant
OpenText™ Cybersecurity Aviator
Improve your security posture with AI cybersecurity and agile threat detection
OpenText™ DevOps Aviator
Enable faster app delivery, development, and automated software testing
OpenText™ Experience Aviator
Elevate customer communications and experiences for customer success
OpenText™ Service Management Aviator
Empower users, service agents, and IT staff to find the answers they need
Analytics
Overview Analytics
Predict, act, and win with real-time analytics on a smarter data platform
OpenText™ Aviator Search(AI)
Give users access to the answers they need, faster and easier, with multi-repository AI-based search that lets you contextualize everything from clicks to conversations
Business Network
Overview Business Network
Connect once, reach anything with a secure B2B integration platform
Content
Overview Content
Reimagine knowledge with AI-ready content management solutions
OpenText™ Content Aviator(AI)
Supercharge intelligent workspaces with AI to modernize work
Cybersecurity
Overview Cybersecurity
Integrated cybersecurity solutions for enterprise protection
OpenText Cybersecurity for SMBs & MSPs
Purpose built data protection and security solutions
OpenText™ Cybersecurity Aviator(AI)
Reinvent threat hunting to improve security posture with the power of agile AI
DevOps
Overview DevOps
Ship better software—faster—with AI-driven DevOps automation, testing, and quality
Experience
Overview Experience
Reimagine conversations with unforgettable customer experiences
Observability and Service Management
Overview Observability and Service Management
Get the clarity needed to cut the cost and complexity of IT operations
OpenText™ Service Management Aviator(AI)
Redefine Tier 1 business support functions with self-service capabilities from private generative AI
APIs
Overview APIs
Build custom applications using proven OpenText Information Management technology
OpenText™ Aviator Thrust
Build it your way with OpenText Cloud APIs that create the real-time information flows that enable custom applications and workflows
Device and Data Protection
Overview Device and Data Protection
Protect what matters, recover when it counts
Unified Endpoint Management Tools
- OpenText™ Endpoint Management
- OpenText™ ZENworks Suite
- OpenText™ ZENworks Service Desk
- OpenText™ ZENworks Configuration Management
- OpenText™ ZENworks Endpoint Security Management
- OpenText™ ZENworks Full Disk Encryption
- OpenText™ ZENworks Endpoint Software Patch Management
- OpenText™ ZENworks Asset Management
Solutions
Information Reimagined
Overview Information Reimagined
Get greater visibility and sharper insights from AI-driven information management. Ready to see how?
Artificial Intelligence
Overview Aviator AI
Break free from silos, streamline processes, and improve customer experiences with secure information management for AI
Industry
Overview Industry solutions
Improve efficiency, security, and customer satisfaction with OpenText
Enterprise Application
Overview Solutions for Enterprise Applications
Run processes faster and with less risk
Maximize sustained growth, value, and innovation with intelligent enterprise solutions from OpenText and SAP
Connect content to business processes for better productivity and stronger governance
Optimize Salesforce effectiveness by bringing together transactional data and unstructured content
Services
Services
Overview Services
Achieve digital transformation with guidance from certified experts
Professional Services
Modernize your information management with certified experts
Customer Success Services
Unlock the full potential of your information management solution
Support Services
Turn support into your strategic advantage
Managed Services
Extend IT teams with certified OpenText application experts
Learning Services
Discover training options to help users of all skill levels effectively adopt and use OpenText products
Professional Services
Overview Professional Services
Modernize your information management with certified experts
Customer Success Services
Overview Customer Success Services
Unlock the full potential of your information management solution
Support Services
Overview Support Services
Turn support into your strategic advantage
Managed Services
Overview Managed Services
Extend IT teams with certified OpenText application experts
Learning Services
Overview Learning Services
Discover training options to help users of all skill levels effectively adopt and use OpenText products
Partners
Find a Partner
Overview Find a partner
Information is the heartbeat of every organization. We build information management software so you can build the future
Cloud Partners
Overview Cloud Partners
OpenText partners with leading cloud infrastructure providers to offer the flexibility to run OpenText solutions anywhere
Migrate, optimize and manage information management solutions on AWS
Optimize performance and reduce costs with applications deployed on a secure, globally scaled platform
Accelerate migration and modernization with deployment in a highly secure and compliant public cloud
Enterprise Application Partners
Overview Enterprise Application Partners
OpenText partners with top enterprise app providers to unlock unstructured content for better business insights
Maximize sustained growth, value, and innovation with intelligent enterprise solutions from OpenText and SAP
Connect content to business processes for better productivity and stronger governance
Optimize Salesforce effectiveness by bringing together transactional data and unstructured content
Partner Solutions
Overview Partner Solutions
Discover flexible and innovative offerings designed to add value to OpenText solutions
Resources for Partners
Overview Resources for Partners
Discover the resources available to support and grow Partner capabilities
Support
Overview Customer Support
Get expert product and service support to accelerate issue resolution and keep business flows running efficiently
Resources
Overview Resources
Explore detailed services and consulting presentations, briefs, documentation and other resources
This page is available for the following regions.
Europe, Middle East and Africa
Asia–Pacific
What is Dynamic Application Security Testing (DAST)?
Overview
Dynamic Application Security Testing (DAST) is the process of analyzing a web application through the front-end to find vulnerabilities through simulated attacks. This type of approach evaluates the application from the “outside in” by attacking an application like a malicious user would. After a DAST scanner performs these attacks, it looks for results that are not part of the expected result set and identifies security vulnerabilities.
Dynamic Application Security Testing (DAST)
Pros of DAST
- Independent of the application
- Immediately finds vulnerabilities that could be exploited
- Does not require access to the source code
Cons of DAST
- Does not find the exact location of a vulnerability in the code
- Security knowledge is needed to interpret reports
- Test can be time-consuming
Application development and testing continues to be the most challenging security process for organizations, according to IT security professionals. Developers need solutions to help them create secure code, and that is where Application Security (AppSec) tools come into play.
AppSec is the discipline of processes, tools and practices aiming to protect applications from threats throughout the entire application lifecycle.
There are many ways to test application security, including:
- Static Application Security Testing (SAST)
- Dynamic Application Security Testing (DAST)
- Mobile Application Security Testing (MAST)
- Interactive Application Security Testing (IAST)
Why is DAST important?
DAST is important because developers don’t have to rely solely on their own knowledge when building applications. By conducting DAST during the SDLC, you can catch vulnerabilities in an application before it’s deployed to the public. If these vulnerabilities are left unchecked and the app is deployed as such, this could lead to a data breach, resulting in major financial loss and damage to your brand reputation. Human error will inevitably play a part at some point in the Software Development Life Cycle (SDLC), and the sooner a vulnerability is caught during the SDLC, the cheaper it is to fix.
When DAST is included as part of the Continuous Integration/Continuous Development (CI/CD) pipeline, this is referred to as “Secure DevOps,” or “DevSecOps.”
How does DAST work?
A DAST scanner searches for vulnerabilities in a running application and then sends automated alerts if it finds flaws that allow for attacks like SQL injections, Cross-Site Scripting (XSS), and more. Since DAST tools are equipped to function in a dynamic environment, they can detect runtime flaws which SAST tools can’t identify.
To use the example of a building, a DAST scanner can be thought of like a security guard. However, rather than just making sure the doors and windows are locked, this guard goes a step further by attempting to physically break into the building. The guard might try to pick the locks on the doors or break windows. After finishing this examination, the guard could report back to the building manager and provide an explanation of how he was able to break into the building. A DAST scanner can be thought of in this same way – it actively attempts to find vulnerabilities in a running environment so the DevOps team knows where and how to fix them.What is a DAST tool that is well-suited for developers?
OpenText™ Fortify™ WebInspect provides automated dynamic application security testing so you can scan and fix exploitable web application vulnerabilities.
Typically, DAST is done after production since it is emulating attacks on a running application; but by making the decision to “Shift DAST left” (moving DAST earlier in the process of development) you’re able to detect vulnerabilities sooner, which saves time and money. Fortify WebInspect includes pre-built scan policies, balancing the need for speed with your organizational requirements.
Fortify WebInspect also includes an incremental scanning feature, which allows you to rapidly asses vulnerabilities in only the areas of the application that have changed.
Fortify WebInspect allows you to:
- Secure DevOps with automated DAST
- Manage AppSec risk at scale
- Achieve compliance with major data security regulations
- Shift DAST left
- Crawl modern frameworks and APIs
- Build a stronger AppSec program
What is the difference between SAST and DAST?
DAST attacks the application from the “outside in” by attacking an application like a malicious user would. After a DAST scanner performs these attacks, it looks for results that are not part of the expected result set and identifies security vulnerabilities.
SAST, on the other hand, analyzes static environments, meaning the source code of an application. It looks at the application from the “inside out,” searching for vulnerabilities in the code.
To maximize the strength of your security posture, it’s a best practice to use both SAST and DAST. Having this unified taxonomy across testing methods enables you to have a complete view of vulnerabilities.
At OpenText Fortify...
We improve your SDLC with Dynamic Application Security Testing (DAST). Fortify WebInspect provides the technology and reporting you need to secure and analyze your applications. By design, this and other OpenText tools bridge the gap between existing and emerging technologies – which means you can innovate and deliver apps faster, with less risk, in the race to digital transformation.
Fortify offers the most comprehensive static and dynamic application security testing technologies, along with runtime application monitoring and protection, backed by industry-leading security research.
Resources
Related products
OpenText™ Fortify WebInspect
Identify vulnerabilities in deployed web applications and services
OpenText™ Fortify on Demand
Unlock security testing, vulnerability management, and tailored expertise and support
OpenText™ Cybersecurity Cloud
Defend with precision, secure with confidence
