Sign Up Login
Resource Center  >  Blog

Bright Product Update – November 2021

November 17, 2021
Nera Besic

This blog post announces the November 2021 Update for Bright.
We added some new features and product enhancements that will make your experience even better.

New Features

Assigning roles to groups


Every group can now be assigned a role, which defines the access scope in fine-grained detail. Try it out – manage your organization.

Get full IP traceroute on a specific target


Reveal all connectivity bottlenecks in minutes! Get a full IP traceroute on your target application to easily manage whitelisting Bright. See the documentation.

Restrict a Repeater to a specific project(s)


You can now use a repeater only for particular projects, which lets different teams scan only specific local targets. See the documentation.


Optimize attack surface with custom headers


You can now optimize the attack surface by selecting specific custom headers to be covered by tests during scanning. These headers will be included in the “smart scan targets” for your scans, allowing you to test your custom headers with all our tests without compromising on scan speed. Run a scan with custom headers

Possibility to change the method on redirect when configuring an Authentication Object


When configuring an authentication object, you can now enable redirects for code 302, where the server expects the following methods to always be GET during redirects, and not the original method that triggered the redirect. Create an Authentication Object.

Allow using API keys to access role resources


From now on you can select the role-related access scopes when creating API keys, as well as manage those roles via our REST API. See documentation.

Easy access to Authentications


Now you can easily reach Authentications from the left menu. See the documentation

General UI improvements


Enjoy our improved breadcrumbs navigation, smart copy button, “found issues” view on the Scans page, and other UI enhancements to make your experience better.

Scan surface discovery and speed improvements

We improved scan speeds by automatically analyzing and excluding irrelevant entry points such as duplicates and static resources.

Related Articles:

Related topics

Dynamic Application Security Testing (DAST) is a crucial component in fortifying web applications against potential vulnerabilities. By taking a proactive stance, DAST systematically detects and addresses security flaws.

See more

By mapping Dynamic Application Security Testing (DAST) to the Payment Card Industry Data Security Standard (PCI DSS) requirements, organizations can

See more

What Is Mobile Application Security Testing?  Mobile application security testing is the process of assessing, analyzing, and evaluating the security

See more

Test Your Web App for 10,000+ Attacks

See Our Dynamic Application Security Testing (DAST) in Action

  • Find & fix vulnerabilities fast
  • Zero false positives
  • Developer friendly

and see how easy AppSec can be

Test Your Web App for 10,000+ Attacks

Integrate vulnerability testing into your DevOps pipeline. Find & fix vulnerabilities fast with zero false positives.
See Our Dynamic Application Security Testing (DAST) in Action
Testing variance Using Legacy Dast Using Dev-Centric Dast
% of orgs knowingly pushing vulnerable apps & APIs to prod 86% 50%
Time to remediate >Med vulns in prod 280 days <150 days
% of > Med vulns detected in CI, or earlier <5% ~55%
Dev time spent remediating vulns - Up to 60x faster
Happiness level of Engineering & AppSec teams - Significantly improved
Average cost of Data Breach (US) $7.86M $7.86M