AppCheck DAST Tool

AppCheck DAST Tool is a dynamic application security testing solution that scans web applications and APIs for security vulnerabilities. The tool uses browser-based crawling to discover and test modern applications including single-page applications (SPAs). The scanner includes automated authentication capabilities with support for multi-factor authentication methods including TOTP and email-based MFA, bearer tokens, request signing, digest authentication, and client certificates. It features session management that maintains authentication throughout scans. The tool detects various vulnerability types including injection flaws, cross-site scripting (XSS), remote code execution (RCE), insecure direct object references (IDOR), and OWASP vulnerabilities. It identifies over 100,000 known security flaws (CVEs) and uses out-of-band detection techniques for hidden issues. Detection methods are payload-based to minimize false positives. AppCheck provides vulnerability reports with impact assessments, technical narratives, and remediation guidance. The platform supports role-based access control (RBAC), unlimited users, and unlimited scans. It includes scheduling capabilities for automated recurring scans and offers alerts for critical security issues and emerging threats. The tool can be used throughout the application lifecycle from development to production environments and provides API access for integration with existing workflows.