Application Security

OpenText Fortify WebInspect

Identify vulnerabilities in deployed web applications and services

OpenText Fortify WebInspect


OpenText Fortify WebInspect

Secure your software supply chain and protect the integrity of your code with WebInspect dynamic application security testing (DAST).

Read the data sheet

Why choose Fortify WebInspect?

  • Functional application security testing (FAST)

    Make sure nothing gets missed with testing that uses all the functional tests IAST does—then keeps going.

  • Hacker-level insights

    Prevent vulnerabilities by finding where updates are needed, such as client-side frameworks and the version numbers.

  • Client-side software composition

    Client-side software composition analysis (SCA) provides CVEs of client-side libraries, health data of open source projects, and an exportable CycloneDX SBOM.

  • HAR files for workflow macros

    WebInspect can use HAR files for workflow scanning, ensuring scans cover important content.

  • Testing and multi-factor authentication

    WebInspect continues to scan, even in multi-factor authentication (MFA) environments.

How Fortify WebInspect can benefit business

Discover the advantages of using Fortify WebInspect.

  • Find vulnerabilities faster and easier

    Find vulnerabilities faster and easier

    Tune and optimize Fortify WebInspect to your application and find vulnerabilities faster and earlier in the SDLC.

  • Save time with automation

    Save time with automation

    Optimize productivity and resources with features like redundant page detection, automated macro generations, incremental scanning, and containerized delivery.

  • Crawl modern frameworks and web technologies

    Crawl modern frameworks and web technologies

    Test the latest web technologies, including HTML5, JSON, AJAX, JavaScript, HTTP2, and more.


  • Flexible deployment

    Gets you started quickly and scales as needed, with the flexibility of off-cloud deployments, SaaS, or AppSec-as-a-service.

  • Compliance management

    Provides pre-configured policies and reports for all major compliance regulations related to web application security, including PCI DSS, DISA STIG, NIST 800-53, ISO 27K, OWASP, and HIPAA.

  • Horizontal scaling

    Increases speed through horizontal scaling, which uses Kubernetes to create little versions of WebInspect that focus on processing JavaScript, allowing parallel scanning that’s much faster.

  • API scanning

    Presents a complete story of your APIs, whether they’re SOAP, Rest, Swagger, OpenAPI, Postman, GraphQL, or gRPC.

Explore the advantages of OpenText and partner services

Professional Services

OpenText Consulting Services combines end-to-end solution implementation with comprehensive technology services to help improve systems.


OpenText helps customers find the right solution, the right support and the right outcome.


OpenText Learning Services offers comprehensive enablement and learning programs to accelerate knowledge and skills.


Explore our OpenText communities. Connect with individuals and companies to get insight and support. Get involved in the discussion.

Leaders trust OpenText

See how customers are succeeding with WebInspect

See more success stories
Suqian Software Public Testing Service Base

Creating high-capacity software testing services for a growing digital transformation market in China.

Learn more
Baltic Amadeus

Fortify WebInspect drastically reduces manual security testing effort to speed up time to market and simplify compliance.

Learn more

Fortify WebInspect resources

Fortify WebInspect (DAST) data sheet

Read the data sheet

ScanCentral DAST data sheet: deliver DAST at scale

Read the data sheet

3 reasons DAST is more effective than IAST

Read the blog

Interview with Shawn Simpson: What is WebInspect and why should we use it?

Read the blog

What is DAST?

Learn more

Position paper: DAST for the Enterprise—a shift to the left

Read the position paper