#23 DELIVERY STAGE Elite
DAST Scan
Runtime security scanning
Hard
Overview
Dynamic security scanning of running applications. Detects vulnerabilities that only appear at runtime.
Why It Matters
Find vulnerabilities that only appear at runtime. Test the running application.
The Risk
Static analysis misses runtime configuration issues. Authentication flaws, missing security headers, and server misconfigurations only appear in the deployed application.
Implementation Components
A complete implementation of this capability includes:
- Dynamic scanner configured for your application
- Scans run against staging after deployment
- Authentication credentials for scanning protected areas
- Scan scope configuration to avoid breaking services
- Findings prioritized by severity and exploitability
- Integration with vulnerability tracking system
Implementation Pattern
1. Choose DAST tool
2. Run scans against staging
3. Configure scan scope
4. Track remediation
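The scope and prioritization steps above, sketched as an added example that is not part of the original page or any scanner's own code. The host names, excluded paths, finding fields and function names are all assumptions made for illustration.

```python
import posixpath
import re
from urllib.parse import urlsplit

# Hypothetical scope policy; hosts and paths are constructed for illustration.
ALLOWED_HOSTS = {"staging.example.test"}
EXCLUDED_PATHS = [re.compile(p) for p in (r"^/logout", r"^/admin/delete", r"^/billing(/|$)")]
SEVERITY_RANK = {"critical": 4, "high": 3, "medium": 2, "low": 1, "info": 0}

def in_scope(url):
    """True only for https URLs on an allowed host whose path is not excluded."""
    parts = urlsplit(url)
    if parts.scheme != "https" or parts.hostname not in ALLOWED_HOSTS:
        return False
    # Collapse repeated slashes and dot segments before matching exclusions.
    path = posixpath.normpath(re.sub(r"/{2,}", "/", parts.path or "/"))
    return not any(rx.search(path) for rx in EXCLUDED_PATHS)

def scope_violations(findings):
    """Findings on URLs the scan should never have touched (e.g. production)."""
    return [f for f in findings if not in_scope(f["url"])]

def prioritize(findings):
    """In-scope findings, highest severity first, exploitable ones first on ties."""
    kept = [f for f in findings if in_scope(f["url"])]
    return sorted(kept, key=lambda f: (SEVERITY_RANK[f["severity"]], f["exploitable"]), reverse=True)

def blocking(findings, fail_at="high"):
    """Findings at or above the threshold, which should stop promotion."""
    return [f for f in prioritize(findings) if SEVERITY_RANK[f["severity"]] >= SEVERITY_RANK[fail_at]]

# Constructed findings in a made-up normalized shape, not any scanner's report format.
SAMPLE = [
    {"id": "F1", "url": "https://staging.example.test/login", "severity": "medium", "exploitable": True, "title": "Missing security header"},
    {"id": "F2", "url": "https://staging.example.test/api/orders", "severity": "high", "exploitable": False, "title": "Server misconfiguration"},
    {"id": "F3", "url": "https://staging.example.test/api/session", "severity": "high", "exploitable": True, "title": "Authentication flaw"},
    {"id": "F4", "url": "https://www.example.test/", "severity": "critical", "exploitable": True, "title": "Finding on production host"},
    {"id": "F5", "url": "https://staging.example.test/health", "severity": "low", "exploitable": False, "title": "Missing security header"},
]

if __name__ == "__main__":
    for f in prioritize(SAMPLE):
        print(f["severity"], f["exploitable"], f["id"], f["title"])
    print("blocking:", [f["id"] for f in blocking(SAMPLE)])
    print("out of scope:", [f["id"] for f in scope_violations(SAMPLE)])
```

A non-empty result from `scope_violations` means the scan left its configured scope and should be investigated before the findings are triaged.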