Bright Security

Bright is a Dynamic Application Security Testing (DAST) platform built for software developers. It finds vulnerabilities in running web applications and APIs. As an application & API security testing platform for security teams and developers, Bright Security integrates into the user's CI/CD pipeline and enable users to run DAST scans with every build, as well as identify known (7,000+ payloads) and unknown (0-day) security vulnerabilities. Users can also scan multiple protocols across Web, mobile & APIs.

Bright aspires to provide:

• Remediation instructions that make sense​ - If a scan detects an issue, it offers remediation guidelines with the information developers need to fix it
• Integration with the developer toolchain​ - Bright works with existing CI/CD pipelines – trigger scans on every commit, pull request or build with unit testing. It can also automatically add tickets to Jira, GitHub, Azure Boards, GiLab and other systems.
• No false positives​ - The technology automatically verifies that any vulnerability it detects is actually exploitable, so that devs don’t waste time chasing ghosts.
• Control everything with code​ - Although Bright has a GUI, developers can use a CLI that lets them control everything
• Scans that take minutes instead of hours or days​ - Bright’s approach allows users to scan only the relevant parts of an app, so that there is no need to slow down the build process – including for unit testing.