This company provides DAST scanning solution no other company can in a direct focused way
What do you like best about the product?
Scanning and testing capabilities for frontend of your application are next level
Flexibility in reports generation
Constant meaningful improvements in Ease of Use in last year, for example Incremental app that analyzes entrypoints and triggers scans without having to set up the parameters relevant to each.
Customer Support is very helpful even when I am not from the security field. Support also are crucial for Ease of implementation, and follow up on a weekly basis on progress.
Flexibility in reports generation
Constant meaningful improvements in Ease of Use in last year, for example Incremental app that analyzes entrypoints and triggers scans without having to set up the parameters relevant to each.
Customer Support is very helpful even when I am not from the security field. Support also are crucial for Ease of implementation, and follow up on a weekly basis on progress.
What do you dislike about the product?
More challenging for products that require frequent reinstall
Could use better integration with API scanning, like entrypoint discovery with target's swagger page
Need to improve flexibility in entrypoint management for a given project (mass edit, mass delete etc)
I would also suggest diversifying the licensing options:
I need to run multiple scans in short amount of time once every 2 months to test all products. Currently the license is for one engine, which means I can use it 24/7 but am limited to one running scan. Having an option for several engines that are time limited with frequency required would be useful, even a pay-as-you-go format would work well for these use cases.
Could use better integration with API scanning, like entrypoint discovery with target's swagger page
Need to improve flexibility in entrypoint management for a given project (mass edit, mass delete etc)
I would also suggest diversifying the licensing options:
I need to run multiple scans in short amount of time once every 2 months to test all products. Currently the license is for one engine, which means I can use it 24/7 but am limited to one running scan. Having an option for several engines that are time limited with frequency required would be useful, even a pay-as-you-go format would work well for these use cases.
What problems is the product solving and how is that benefiting you?
Bright helps me meet my company's security requirements for the product my group develops.
There are no comments to display