User Interface Overview
FortiDAST provides an interactive, easy-to-use GUI for vulnerability assessment. The GUI home page is organized into three sections, each reachable from the left navigation menu.
| Section | Description |
|---|---|
| Dashboard | Displays the overall statistics and details for a scanned asset. See Dashboard. |
| Scans Policy | Lets you add assets, authorize them, and scan them for vulnerabilities. The IP address/FQDN of the web application and its port are the inputs on this page. The authorization and scan status of each asset are also displayed here, and you can configure the scanner settings used for vulnerability assessment. See Vulnerability Assessment (scanning) of an Asset. |
| Scans Overview | Displays the detailed scan results of a vulnerability assessment. See Scans Overview (Scan Result). |
Notifications
Click the notifications icon to view the following notifications; notifications are retained for 7 days.
- License about to expire
- License expired
- Alerts configured in custom settings of email notifications
- WAF rules generated for the selected vulnerabilities
- A vulnerability selected for report generation was not detected
- Scheduled portal upgrade
- Portal upgrade completed
Outbreak Alerts
FortiGuard Labs continuously monitors potential security vulnerabilities and designates certain CVEs as outbreak alerts when they are being widely exploited. The outbreak alerts for the top 5 scanned assets can be viewed on the Dashboard page; asset-specific outbreak alerts can be viewed on the Summary and Vulnerabilities pages.
Each alert in the Outbreak Alerts pane includes:
- Name of the alert
- Severity level
- Last revised date
- Description of the vulnerability
The following CVEs are supported as outbreak alerts in FortiDAST.

| CVE | Vulnerability |
|---|---|
| CVE-2021-26085 | Atlassian Confluence Server Pre-Authorization Arbitrary File Read Vulnerability |
| CVE-2021-26086 | Atlassian JIRA Path Traversal Vulnerability |
| CVE-2022-0543 | Debian-specific Redis Server Lua Sandbox Escape Vulnerability |
Notes:
- To detect the Debian-specific Redis vulnerability CVE-2022-0543 as an outbreak alert, the FortiDAST Scripting Engine (FSE) must be enabled.
- To detect CVE-2021-26085 or CVE-2021-26086 as an outbreak alert, you must add the base URL of the Atlassian Confluence or JIRA instance, respectively, as the target; a scan of a different path on the same host will not trigger these alerts.