Bright Security’s Enterprise Grade Dev-Centric DAST Integrates with

Microsoft Defender for Cloud →
Product overview

See how dev-centric DAST for the enterprise secures your business.

Web attacks

Continuous security testing for web applications at high-scale.

API attacks

Safeguard your APIs no matter how often you deploy.

Business logic attacks

Future-proof your security testing with green-flow exploitation testing.

LLM attacks

Next-gen security testing for LLM & Gen AI powered applications and add-ons.

Interfaces & extensions

Security testing throughout the SDLC - in your team’s native stack.


Connecting your security stack & resolution processes seamlessly.


Getting started with Bright and implementing it in your enterprise stack.

Book a demo

We’ll show you how Bright’s DAST can secure your security posture.


Check out or insights & deep dives into the world of security testing.

Webinars & events

Upcoming & on-demand events and webinars from security experts.


Getting started with Bright and implementing it in your enterprise stack.

Case studies

Dive into DAST success stories from Bright customers.


Download whitepapers & research on hot topics in the security field.

About us

Who we are, where we came from, and our Bright vision for the future.


Bright news hot off the press.

Webinars & events

Upcoming & on-demand events and webinars from security experts.

We're hiring

Want to join the Bright team? See our open possitions.

Bug bounty

Found a security issue or vulnerability we should hear about? Let us know!

Contact us

Need some help getting started? Looking to collaborate? Talk to us.

Resources > Blog >
My first-time RSA experience

My first-time RSA experience

Gadi Bashvitz

Last week I attended my first RSA Conference in San Francisco representing Bright. I wanted to share my impressions and thoughts as a first-timer at the RSA craziness.

Let’s start with the bottom line:

  • >2,000 leads collected
  • >60 meetings attended
  • >500 new LinkedIn followers
  • 1,000 kites given away
  • 2,000 stickers given to attendees
  • >XYZ ounces of alcohol consumed
  • <3 hours a night sleep
  • Hundreds of new friends
  • 0 CoronaVirus (so far…).

If you walked around San Francisco last week and didn’t see a NeuraLegion kite, you must have not actually been in San Francisco as they were everywhere!

The conference is a non-stop 24-hour event that starts on Monday and ends late Thursday evening. However, this is an understatement. Having a larger team from Bright represent at RSA this week, the team actually came to San Francisco on Saturday (a couple of days before the conference) so we could do some team building and PRACTICE, PRACTICE, PRACTICE to make sure we take advantage of RSA.

The conference started in earnest on Monday and most of the day was spent in pre-scheduled meetings. 

PRO TIP: Schedule as many meetings as possible ahead of time as this will be very valuable and help you focus.

The B-Sides conference was held in San Francisco in parallel to the RSA Conference. It was great to attend some of the sessions and catch up with Tanya Janca (@shehackspurple) to discuss DevSecOps and empowering developers to write more secure code.

After the opening reception on Monday it was time to start the evening festivities. There were many events, but my favorite was the ClearSky Ventures cocktail reception. Thank you to the Clearsky team for hosting us and all the great people we met.

Shoham & Me sneaking a picture with the team before the rest of the guys showed up.

In addition to the meetings and sessions this was the busiest day at the booth and our team had hundreds of discussions with people excited to discuss AppSec, DAST, DevSecOps and many other application security related issues.

We will skip the evening festivities, but I’ll add 2 pro tips here.

PRO TIP 2: Make sure you remember that you have a 7AM meeting Wednesday before you decide how many parties you are going to attend on Tuesday night…

PRO TIP 3: “If you find yourself on the Golden Gate Bridge at 1:45AM with a bunch of people you didn’t know until 12:30AM then you are OK as long as they all have conference badges and seem to have fluency in Cybersecurity…

Wednesday morning kicked off with a bang at the Glilotcapital breakfast. We had quite a few great discussions with representatives from Atlassian, Intuit, Barclays and others.

Wednesday wrapped up with a CICC at JVP event and many more exciting discussions about cybersecurity, AIAST, DAST & AppSec.

The team was feeling a lot more relaxed (or sleep-deprived) by Thursday…

Overall this was an excellent conference and the follow up is keeping us very busy and will likely keep us busy for months to come.

Feel free to ping me if you have any questions, or want to learn more about RSA and how to navigate it correctly. After all, I survived my first #RSAC so I must be an expert.


Domain Hijacking: How It Works and 6 Ways to Prevent It

What Is Domain Hijacking?  Domain hijacking refers to the unauthorized acquisition of a domain name by a third party, effectively taking control away from the rightful owner. This form of cyber attack can lead to significant disruptions, including loss of website functionality, email services, and potentially damaging the brand’s reputation.  Domain hijackers often exploit security

Mastering Vulnerability Management: A Comprehensive Guide

Modern day organizations face a constant barrage of cyber threats, making it imperative to implement robust vulnerability management processes. Vulnerability management is a systematic approach to identifying, evaluating, treating, and reporting on security vulnerabilities in systems and their associated software. In this blog post, we’ll delve into the four crucial steps of vulnerability management process

Vulnerability Scanners: 4 Key Features, Types, and How to Choose

A vulnerability scanner is a specialized software tool designed to assess the security of computers, networks, or applications by automatically detecting and analyzing weaknesses. These scanners proactively search for security vulnerabilities, such as unpatched software, misconfigurations, and other security gaps that could be exploited by attackers. Some scanners can simulate the actions of an attacker to help identify exploitable vulnerabilities.

Get our newsletter