Application Security

OpenText Dynamic Application Security Testing (Fortify)

Continuously test live apps to find real-world vulnerabilities

OpenText Dynamic Application Security Testing platform dashboard image

OpenText recognized as a Customers' Choice by Gartner®Get the report

Overview

Simulate real-world attacks on live applications, APIs, and services to uncover exploitable vulnerabilities. Validate production environments—no source code or staging required.

OpenText Dynamic Application Security Testing dashboard image

OpenText™ Dynamic Application Security Testing (Fortify) is an automated security testing solution that uncovers real, exploitable vulnerabilities by simulating live attacks against running applications, APIs, and services. Designed for modern DevSecOps teams, it prioritizes issues for root-cause analysis and integrates seamlessly via REST APIs—whether managed through an intuitive UI or fully automated in CI/CD pipelines.

Read the data sheet

Why OpenText Dynamic Application Security Testing?

Secure your software supply chain and protect application integrity with efficiency, scale, and modern testing capabilities

Speed
Find vulnerabilities earlier and more efficiently
Accelerate security feedback by tuning OpenText DAST to your application environment and surfacing real-world vulnerabilities earlier in the SDLC.
Automation
Reduce manual effort and scale securely
Enhance team productivity with automated attack simulations, macro generation, redundant page detection, and flexible CI/CD container delivery.
Proficiency
Test today’s modern applications
Scan and analyze modern web stacks like HTML5, JSON, AJAX, JavaScript, and HTTP2, ensuring coverage across evolving digital surfaces.

We see OpenText Dynamic Application Security Testing [Fortify] as a very important link in our value chain and look forward to further testing automation and expanding our use of the solution.

Vitalis Kavaliauskas
Chief Technology Officer, Baltic Amadeus
Learn more

Automating Azure DevOps pipeline scans and using SC DAST automation has improved vulnerability work processes with OpenText Dynamic Application Security Testing (Fortify).

Mark Berrier
Cybersecurity Fortify SME, U.S. Navy

By integrating [OpenText DAST] into our CI/CD pipelines, we automate security testing and identify vulnerabilities early, reducing remediation costs and accelerating secure software delivery.

DevOps Engineer
Medium Enterprise Professional Services Company

With OpenText, we now feel very confident that our developers can find and fix security flaws during every stage of the development cycle, creating secure software with more flexibility and speed.

Software Asset Manager
Public sector system integrator
Learn more

Use cases

Why OpenText Dynamic Application Security Testing?

Make sure nothing gets missed with testing that uses all the functional tests IAST does—then keeps going.
Prevent vulnerabilities by finding where updates are needed, such as client-side frameworks and the version numbers.
Client-side software composition analysis (SCA) provides CVEs of client-side libraries, health data of open source projects, and an exportable CycloneDX SBOM.
WebInspect can use HAR files for workflow scanning, ensuring scans cover important content.
WebInspect continues to scan, even in multi-factor authentication (MFA) environments.

Key features

Automate compliance, scale effortlessly, and scan APIs with precision. With flexible deployment, rapid horizontal scaling, and client-side SCA, stay ahead of evolving threats

API scanning

Presents a complete story of your APIs, whether they’re SOAP, REST, Swagger, OpenAPI , Postman, GraphQL, or gRPC.

ScanCentral DAST

Offloads code analysis tasks from your build machine to remote sensors so you can efficiently manage your time and resources.

Compliance management

Provides pre-configured policies and reports for all major compliance regulations related to web application security, including PCI DSS, DISA STIG, NIST 800-53, ISO 27K, OWASP, and HIPAA.

Flexible deployment

Gets you started quickly and scales as needed, with the flexibility of off-cloud deployments, SaaS, or AppSec-as-a-service.

Rapid DAST scaling

Dynamically scales up or down to meet the changing demands of the CI/CD pipeline.

Accelerate the value of Dynamic Application Security Testing

Deployment

OpenText offers deployment choice and flexibility for OpenText Dynamic Application Security Testing.

Run anywhere and scale globally in the public cloud of your choice

OpenText Public Cloud (Multi-Tenant SaaS)
Extend your team

Off Cloud, on-premises software, managed by your organization or OpenText

Accelerate cloud strategies with OpenText cloud experts

OpenText Private Cloud (Single Tenant) on OpenText Cloud, AWS, GCP, or Azure
Develop, connect and extend your Information Management capabilities

API from OpenText Developer Cloud

Professional Services

OpenText Professional Services combines end-to-end solution implementation with comprehensive technology services to help improve systems.

Get a trusted partner to guide your information management path

Your journey to success
Accelerate your information management journey

Consulting Services

Propel your business into the future with modern solutions

NextGen Services
Unlock the full potential of your information management solution

Customer Success Services

Partners

OpenText helps customers find the right solution, the right support, and the right outcome.

Search OpenText's Partner directory

Find a Partner
Explore OpenText's Partner solutions catalog

Application Marketplace

Industry-leading organizations that enhance OpenText products and solutions

Strategic Partners

Communities

Explore our OpenText communities. Connect with individuals and companies to get insight and support. Get involved in the discussion.

Explore ideas, join discussions, and network

OpenText community

OpenText Dynamic Application Security Testing resources

3 reasons DAST is more effective than IAST

DAST uncovers more vulnerabilities, simulates real attacks, and seamlessly integrates security.

Read the blog

Gartner names OpenText a Leader in critical capabilities

OpenText is a top Leader in SAST and DAST, and one of the only vendors that moved up in the quadrant.

Read the blog

Customers’ Choice

OpenText recognized for application security testing on Gartner ® Peer Insights™︎.

Read the blog

What is dynamic application security testing (DAST)?

Learn more

Cybersecurity in a Web 3.0 world

Read the flyer

5 reasons why SAST + DAST with OpenText makes sense

Learn more

OpenText Application Security Testing Tools

Visit the community page

What is dynamic application security testing (DAST)?

Learn more

Cybersecurity in a Web 3.0 world

Read the flyer

5 reasons why SAST + DAST with OpenText makes sense

Learn more

OpenText Application Security Testing Tools

Visit the community page

OpenText™ Core Application Security

Unlock security testing, vulnerability management, and tailored expertise and support
OpenText™ Static Application Security Testing

Find and fix security issues early with industry-leading accuracy
OpenText™ Application Security Aviator

Secure smarter, not harder with AI code analysis and code fix suggestions
OpenText™ Core Software Composition Analysis

Take full control of open source security, compliance, and health

Take the next step

Interested in learning more? An OpenText expert is ready to help.

Contact us

FeaturedFeatured

Analytics CloudAnalytics Cloud

Data Lakehouse & AnalyticsData Lakehouse & Analytics

BI, Visualization & ReportingBI, Visualization & Reporting

eDiscovery with AIeDiscovery with AI

OpenText™ Aviator Search

Business Network CloudBusiness Network Cloud

Supply Chain AutomationSupply Chain Automation

B2B IntegrationB2B Integration

Secure CollaborationSecure Collaboration

Supply Chain TraceabilitySupply Chain Traceability

Supply Chain InsightsSupply Chain Insights

Industry Applications and ServicesIndustry Applications and Services

OpenText™ Business Network Aviator

Content CloudContent Cloud

Document ManagementDocument Management

AI Content ManagementAI Content Management

Capture and Intelligent Document ProcessingCapture and Intelligent Document Processing

Process AutomationProcess Automation

Business IntegrationsBusiness Integrations

Information ArchivingInformation Archiving

Industry SolutionsIndustry Solutions

Information GovernanceInformation Governance

OpenText™ Content Aviator

Cybersecurity CloudCybersecurity Cloud

Application SecurityApplication Security

Data Privacy and ProtectionData Privacy and Protection

Threat Detection and ResponseThreat Detection and Response

Identity and Access ManagementIdentity and Access Management

Digital Investigations and ForensicsDigital Investigations and Forensics

Threat IntelligenceThreat Intelligence

OpenText™ Cybersecurity Aviator

DevOps CloudDevOps Cloud

DevOps PlatformDevOps Platform

Functional TestingFunctional Testing

PPM and Strategic Portfolio ManagementPPM and Strategic Portfolio Management

Quality ManagementQuality Management

Performance EngineeringPerformance Engineering

OpenText™ DevOps Aviator

Experience CloudExperience Cloud

Web & Mobile ExperiencesWeb & Mobile Experiences

Contact Center AnalyticsContact Center Analytics

Messaging & FaxMessaging & Fax

Customer CommunicationsCustomer Communications

Digital Asset ManagementDigital Asset Management

Customer Journey and DataCustomer Journey and Data

OpenText™ Experience Aviator

Observability and Service Management CloudObservability and Service Management Cloud

Service ManagementService Management

ObservabilityObservability

AIOpsAIOps

Automation and Vulnerability RemediationAutomation and Vulnerability Remediation

CMDB and Asset ManagementCMDB and Asset Management

OpenText™ Service Management Aviator

OpenText™ ThrustOpenText™ Thrust

OpenText™ Thrust bundleOpenText™ Thrust bundle

OpenText™ Aviator Thrust

OtherOther

Enterprise Data Backup and Disaster Recovery SolutionsEnterprise Data Backup and Disaster Recovery Solutions

Unified Endpoint Management ToolsUnified Endpoint Management Tools

Hybrid Work, Email, and Team Collaboration Hybrid Work, Email, and Team Collaboration

Email Archiving, E-Discovery, Data Archiving ComplianceEmail Archiving, E-Discovery, Data Archiving Compliance

Connectivity and Document ManagementConnectivity and Document Management

Information reimaginedInformation reimagined

Artificial IntelligenceArtificial Intelligence

IndustryIndustry

Enterprise ApplicationsEnterprise Applications

Your journey to successYour journey to success

Customer SupportCustomer Support

Customer Success ServicesCustomer Success Services

Consulting ServicesConsulting Services

NextGen ServicesNextGen Services

Cloud MigrationCloud Migration

Latest product releasesLatest product releases

Learning ServicesLearning Services

Managed ServicesManaged Services

Find an OpenText PartnerFind an OpenText Partner

Find a Partner SolutionFind a Partner Solution

Grow as a PartnerGrow as a Partner

Become a Partner

Featured

Analytics Cloud

Data Lakehouse & Analytics

BI, Visualization & Reporting

eDiscovery with AI

Business Network Cloud

Supply Chain Automation

B2B Integration

Secure Collaboration

Supply Chain Traceability

Supply Chain Insights

Industry Applications and Services

Content Cloud

Document Management

AI Content Management

Capture and Intelligent Document Processing

Process Automation

Business Integrations

Information Archiving

Industry Solutions

Information Governance

Cybersecurity Cloud

Application Security

Data Privacy and Protection

Threat Detection and Response

Identity and Access Management

Digital Investigations and Forensics

Threat Intelligence

DevOps Cloud

DevOps Platform

Functional Testing

PPM and Strategic Portfolio Management

Quality Management

Performance Engineering

Experience Cloud

Web & Mobile Experiences

Contact Center Analytics

Messaging & Fax

Customer Communications

Digital Asset Management

Customer Journey and Data

Observability and Service Management Cloud

Service Management

Observability

AIOps

Automation and Vulnerability Remediation

CMDB and Asset Management

OpenText™ Thrust

OpenText™ Thrust bundle

Other

Enterprise Data Backup and Disaster Recovery Solutions

Unified Endpoint Management Tools

Hybrid Work, Email, and Team Collaboration

Email Archiving, E-Discovery, Data Archiving Compliance

Connectivity and Document Management

Information reimagined

Artificial Intelligence

Industry

Enterprise Applications

Your journey to success

Customer Support

Customer Success Services

Consulting Services

NextGen Services

Cloud Migration

Latest product releases

Learning Services

Managed Services

Find an OpenText Partner

Find a Partner Solution

Grow as a Partner

Asset Library

Blogs

Events

Communities

Customer Stories

OpenText Navigator

Marketplace