Book a demo

Dynamic App Security Policies

Dynamic App Security policies identify security vulnerabilities in running web applications by testing them from an external attacker’s perspective.

The policies focus on issues that only appear during execution, such as injection flaws or insecure authentication, which may not be detected through static analysis or dependency scanning. Addressing dynamic application security issues helps reduce the risk of real-world exploitation before applications are exposed to users.

The article describes the policies in this category, configuration options, and the impact of policy violations. For an overview of policies and policy management, see the Policies article.

View and manage Dynamic App Security policies

Open each policy to view the business impact and optional settings.

DAST issue

Purpose: Identifies security vulnerabilities in running web applications by simulating external attacks against exposed interfaces using dynamic application security testing (DAST).

Business impact: Undetected vulnerabilities in web applications can be exploited by attackers to gain unauthorized access, expose sensitive data, or disrupt services.

Setting
Description
Default

ON/OFF (toggle)

Enable/disable the policy.

ON

Show issues of severity (dropdown)

Limits which severities appear as issues.

All (including Info)

  1. Open the Active Issues page.

  2. Use the Category filter and select the policy category to view related active issues.

  3. Use the Policy filter to narrow the list to a specific policy.

  4. Apply the Category and Policy filters separately or together, depending on how specific you want the results to be.

  5. Use the search box to refine results, such as filtering by file name, keyword, or rule identifier.

You can also view code-related issues on the Application page, where the Issues tab shows findings linked to that application.

When you change a policy’s severity, ON/OFF toggle or any other setting, you must save the current profile or create a new one.

  • To save the current profile, click SAVE in the page header.

  • To create a new profile, click SAVE AS in the page header. For instructions, see the section Create or edit policy profiles in the Policies article.

Last updated