Resource Center  >  Blog

Product Update – January 2021

January 25, 2022
Admir Dizdar

A lot is happening with Bright! Here are some updates and new features that will make your experience even better.

New Features

Introducing a new scan status: Disrupted


With the news scan status of Disrupted, you can now easily distinguish scans that were stopped due to recoverable issues on the user’s side, for example:

  • When the repeater is no longer available during an active scan
  • When the target is not responding for X minutes (5 minutes by default)
  • When the scan finds no valid entry-points, due to incorrect configuration (missing authentication, no valid responses, etc.)
  • When a scheduled scan cannot start due to a configuration issue (file unavailable, repeater unavailable, etc.) The disruption event details are also recorded to Engine Notifications.

View your scans!


New Version of Okta Integration


We’ve made improvements to how you manage your team’s access to Bright’s scanner using Okta SSO. The Bright integration app is now available on the Okta marketplace. With this app, you can easily configure SSO integration via both OIDC and SAML protocols. You can also take advantage of the provisioning feature to automatically synchronize users and groups between your Okta application and your Bright organization.

Go to Okta Marketplace!

Project Level API Keys


To provide with more flexibility and control of how your teams access Bright, we added the ability to create and use API keys at the project level.

Check out the docs and learn more!

Brower-Based Authentication Improvements


We improved our form field detection algorithm to be able to look up the target field not only by name but also by labels, placeholders, and even unique HTML object IDs. That will make the process of configuring the authentication form quick and easy! Just write the name of the field as you see it, and our browser will find it in the form automatically. Easy!

Try it out!

Multi-step Browser-based Authentication


We extended the browser-based authentication configurations to support multiple steps, where you can easily specify your application’s unique login sequences.

Try it out!

General UI improvements


Check out our design improvements to the New Scan window to improve your user experience!

Start a new scan

General Performance improvements


Various improvements for Engine performance and stability for handling edge-cases during the discovery stage, and significant improvement to XSS testing

Related Articles:

Related topics

The practice of running DAST in production environments presents multiple risks and challenges that can actually hinder your security goals. Here’s why you should think twice before running DAST scans on a live production system.

See more

What Are Vulnerability Assessment Tools?  Vulnerability assessment tools are specialized software designed to identify, classify, and prioritize vulnerabilities in computer

See more

Secure coding refers to the practice of writing software code in a manner that minimizes vulnerabilities and guards against potential

See more

Test Your Web App for 10,000+ Attacks

  • Find & fix vulnerabilities fast
  • Zero false positives
  • Developer friendly
See Our Dynamic Application Security Testing (DAST) in Action
and see how easy AppSec can be

Test Your Web App for 10,000+ Attacks

Integrate vulnerability testing into your DevOps pipeline. Find & fix vulnerabilities fast with zero false positives.

  • Find & fix vulnerabilities fast
  • Scans all API formats
  • Zero false positives
  • Scan every build
  • Scan from CLI
  • Security as code
  • Developer friendly
See Next-Gen Dynamic Application Security Testing (DAST) in Action

and see how easy AppSec can be