Application Security

OpenText Dynamic Application Security Testing (Fortify)

Continuously test live apps to find real-world vulnerabilities

OpenText Dynamic Application Security Testing platform dashboard image

OpenText recognized as a Customers' Choice by Gartner®Get the report

Overview

Simulate real-world attacks on live applications, APIs, and services to uncover exploitable vulnerabilities. Validate production environments—no source code or staging required.

OpenText Dynamic Application Security Testing dashboard image

OpenText™ Dynamic Application Security Testing (Fortify) is an automated security testing solution that uncovers real, exploitable vulnerabilities by simulating live attacks against running applications, APIs, and services. Designed for modern DevSecOps teams, it prioritizes issues for root-cause analysis and integrates seamlessly via REST APIs—whether managed through an intuitive UI or fully automated in CI/CD pipelines.

Read the data sheet

Why OpenText Dynamic Application Security Testing?

Secure your software supply chain and protect application integrity with efficiency, scale, and modern testing capabilities

  • Speed
    Find vulnerabilities earlier and more efficiently
    Accelerate security feedback by tuning OpenText DAST to your application environment and surfacing real-world vulnerabilities earlier in the SDLC.
  • Automation
    Reduce manual effort and scale securely
    Enhance team productivity with automated attack simulations, macro generation, redundant page detection, and flexible CI/CD container delivery.
  • Proficiency
    Test today’s modern applications
    Scan and analyze modern web stacks like HTML5, JSON, AJAX, JavaScript, and HTTP2, ensuring coverage across evolving digital surfaces.

Use cases

Why OpenText Dynamic Application Security Testing?

  • Make sure nothing gets missed with testing that uses all the functional tests IAST does—then keeps going.

  • Prevent vulnerabilities by finding where updates are needed, such as client-side frameworks and the version numbers.

  • Client-side software composition analysis (SCA) provides CVEs of client-side libraries, health data of open source projects, and an exportable CycloneDX SBOM.

  • WebInspect can use HAR files for workflow scanning, ensuring scans cover important content.

  • WebInspect continues to scan, even in multi-factor authentication (MFA) environments.

    Key features

    Automate compliance, scale effortlessly, and scan APIs with precision. With flexible deployment, rapid horizontal scaling, and client-side SCA, stay ahead of evolving threats

    Magnifying glass scanning image

    API scanning

    Presents a complete story of your APIs, whether they’re SOAP, REST, Swagger, OpenAPI , Postman, GraphQL, or gRPC.

    ScanCentral DAST magnifying glass on code image

    ScanCentral DAST

    Offloads code analysis tasks from your build machine to remote sensors so you can efficiently manage your time and resources.

    Security shield with checkmark image

    Compliance management

    Provides pre-configured policies and reports for all major compliance regulations related to web application security, including PCI DSS, DISA STIG, NIST 800-53, ISO 27K, OWASP, and HIPAA.

    Flexible deployment cloud image

    Flexible deployment

    Gets you started quickly and scales as needed, with the flexibility of off-cloud deployments, SaaS, or AppSec-as-a-service.

    Code scaling image

    Rapid DAST scaling

    Dynamically scales up or down to meet the changing demands of the CI/CD pipeline.


    Accelerate the value of Dynamic Application Security Testing

    Deployment

    OpenText offers deployment choice and flexibility for OpenText Dynamic Application Security Testing.

    Professional Services

    OpenText Professional Services combines end-to-end solution implementation with comprehensive technology services to help improve systems.

    Partners

    OpenText helps customers find the right solution, the right support, and the right outcome.

    Communities

    Explore our OpenText communities. Connect with individuals and companies to get insight and support. Get involved in the discussion.

    OpenText Dynamic Application Security Testing resources

    Baltic Amadeus logo

    Reduced manual security testing efforts to speed time to market

    Learn more
    Suqian Software Public Testing Service Base logo

    Created high-capacity software testing services for a growing market

    Learn more
    Hightech industry logo

    Delivered effective and streamlined application security

    Learn more

    OpenText Dynamic Application Security Testing

    Read the data sheet

    ScanCentral DAST

    Read the data sheet

    5 reasons why SAST + DAST with OpenText makes sense

    Learn more

    DAST for the enterprise—a shift to the left

    Read the paper

    AppSec testing in multi-factor authentication environments

    Read the flyer

    OpenText Dynamic Application Security Testing

    Read the data sheet

    ScanCentral DAST

    Read the data sheet

    5 reasons why SAST + DAST with OpenText makes sense

    Learn more

    DAST for the enterprise—a shift to the left

    Read the paper

    AppSec testing in multi-factor authentication environments

    Read the flyer
    Magnifying glass on code image

    3 reasons DAST is more effective than IAST

    DAST uncovers more vulnerabilities, simulates real attacks, and seamlessly integrates security.

    Read the blog
    Person reading on a tablet

    Gartner names OpenText a Leader in critical capabilities

    OpenText is a top Leader in SAST and DAST, and one of the only vendors that moved up in the quadrant.

    Read the blog
    Person typing on laptop

    Customers’ Choice

    OpenText recognized for application security testing on Gartner ® Peer Insights™︎.

    Read the blog

    What is dynamic application security testing (DAST)?

    Learn more

    Cybersecurity in a Web 3.0 world

    Read the flyer

    5 reasons why SAST + DAST with OpenText makes sense

    Learn more

    OpenText Application Security Testing Tools

    Visit the community page

    What is dynamic application security testing (DAST)?

    Learn more

    Cybersecurity in a Web 3.0 world

    Read the flyer

    5 reasons why SAST + DAST with OpenText makes sense

    Learn more

    OpenText Application Security Testing Tools

    Visit the community page

    Take the next step

    Interested in learning more? An OpenText expert is ready to help.

    Contact us