
FortiDAST App Config

The FortiDAST App Config plugin allows you to configure the target asset for DAST scanning in the FortiDevSec GUI. Once the target asset URL is validated, you can perform additional configuration in the FortiDAST portal.

To configure FortiDAST scanning for a new application, see Adding a New Application.

To add/edit FortiDAST configuration for an existing application:
  1. In the FortiDevSec dashboard, click the desired application.

  2. In the scanned application details page, click Settings.

  3. In the Application details page, under the Application Plugins section, click FortiDAST Configure.

  4. Toggle the FortiDAST App config, if not already enabled. If the FortiDAST plugin is already enabled, update the required fields and click OK.

  5. Enter the target asset URL and port number.

  6. Click Validate DAST.

  7. Once the URL is validated, click DAST Config Link to perform additional configuration in the FortiDAST portal. See Configuring FortiDAST Scanner.

  8. Once you complete the configuration in the FortiDAST portal, return to the FortiDevSec tab and click OK.

  9. To download the updated YAML configuration file, click Scanner Config.
    Note: To perform a DAST scan, uncomment the dast configuration in the fdevsec.yaml file even when the FortiDAST asset/URL is configured through the GUI plugin.

  10. Perform the scan. See Running the Security Scan.

Notes:

  • You can disable or modify the URL at any point after app creation from the scanned application details page. The configured URL will be updated accordingly, but the last scan results will be displayed until the next scan.

  • If the URL is not configured, or is disabled, in the GUI, the URL mentioned in the YAML file or sent through the command line will be used for the scan.

  • If you have already configured a URL in the FortiDevSec GUI and enabled it, but configured a different URL using the YAML config or command line, the scanner will give you an error message because the two URLs do not match. To fix this, you must either update the URL in the YAML config or command line to match the one in the GUI, or disable the URL scan option in the GUI.
