← Back to Landscape

#23DELIVERYSTAGEElite

DAST Scan

Runtime security scanning

Hard

Overview

Dynamic security scanning of running applications. Detects vulnerabilities that only appear at runtime.

Why It Matters

Find vulnerabilities that only appear at runtime. Test the running application.

Implementation Pattern

1Choose DAST tool
2Run scans against staging
3Configure scan scope
4Track remediation

Tool Examples

These are examples, not endorsements. Choose what fits your context.

OWASP ZAP

Nikto

Dependencies

Requires (must have first)

•#20 Deploy to Stage

Enhanced by (more effective with)

•#12 Code Scan (SAST)

Enables (unlocks)

•#62 Vulnerability Tracking

Same Phase

Other capabilities in this pipeline phase

Quick Actions

View in Flow View full landscape Assess your platform

#24 Pre-Deploy Snapshot