Sign Up Login
Resource Center  >  Blog

Bright Product Update – November 2021

Publication:
November 17, 2021
Author:
Nera Besic
Type:

This blog post announces the November 2021 Update for Bright.
We added some new features and product enhancements that will make your experience even better.

New Features

Assigning roles to groups

group-roles

Every group can now be assigned a role, which defines the access scope in fine-grained detail. Try it out – manage your organization.

Get full IP traceroute on a specific target

traceroute

Reveal all connectivity bottlenecks in minutes! Get a full IP traceroute on your target application to easily manage whitelisting Bright. See the documentation.

Restrict a Repeater to a specific project(s)

select-repeater-for-project

You can now use a repeater only for particular projects, which lets different teams scan only specific local targets. See the documentation.

Improvements

Optimize attack surface with custom headers

custom-headers

You can now optimize the attack surface by selecting specific custom headers to be covered by tests during scanning. These headers will be included in the “smart scan targets” for your scans, allowing you to test your custom headers with all our tests without compromising on scan speed. Run a scan with custom headers

Possibility to change the method on redirect when configuring an Authentication Object

auth-redirect-method

When configuring an authentication object, you can now enable redirects for code 302, where the server expects the following methods to always be GET during redirects, and not the original method that triggered the redirect. Create an Authentication Object.

Allow using API keys to access role resources

api-key-roles

From now on you can select the role-related access scopes when creating API keys, as well as manage those roles via our REST API. See documentation.

Easy access to Authentications

auth-menu

Now you can easily reach Authentications from the left menu. See the documentation

General UI improvements

ui-improvements

Enjoy our improved breadcrumbs navigation, smart copy button, “found issues” view on the Scans page, and other UI enhancements to make your experience better.

Scan surface discovery and speed improvements

We improved scan speeds by automatically analyzing and excluding irrelevant entry points such as duplicates and static resources.

Related Articles:

Related topics

Dynamic Application Security Testing (DAST) is a crucial component in fortifying web applications against potential vulnerabilities. By taking a proactive stance, DAST systematically detects and addresses security flaws.

See more

By mapping Dynamic Application Security Testing (DAST) to the Payment Card Industry Data Security Standard (PCI DSS) requirements, organizations can

See more

What Is Mobile Application Security Testing?  Mobile application security testing is the process of assessing, analyzing, and evaluating the security

See more

Test Your Web App for 10,000+ Attacks

See Our Dynamic Application Security Testing (DAST) in Action

  • Find & fix vulnerabilities fast
  • Zero false positives
  • Developer friendly

and see how easy AppSec can be

Resources
Company
Legal
Get Started

Test Your Web App for 10,000+ Attacks

Integrate vulnerability testing into your DevOps pipeline. Find & fix vulnerabilities fast with zero false positives.
See Our Dynamic Application Security Testing (DAST) in Action
Testing variance Using Legacy Dast Using Dev-Centric Dast
% of orgs knowingly pushing vulnerable apps & APIs to prod 86% 50%
Time to remediate >Med vulns in prod 280 days <150 days
% of > Med vulns detected in CI, or earlier <5% ~55%
Dev time spent remediating vulns - Up to 60x faster
Happiness level of Engineering & AppSec teams - Significantly improved
Average cost of Data Breach (US) $7.86M $7.86M