configure-dast-scan

What problem does it solve?

Add Dynamic Application Security Testing (DAST) steps to existing Harness pipelines using Harness STO scanners. Supports API DAST / Traceable (default), Burp Suite Enterprise, ZAP (OWASP), Nikto, and Nmap. Scans running application instances for vulnerabilities including API security issues, injection flaws, misconfigurations, and exposed services. Can insert the scan step into an existing CI or SecurityTests stage or create a dedicated SecurityTests stage. Use when asked to add DAST scanning, configure dynamic application testing, set up API security scanning, scan a running application, or add runtime security testing to a pipeline. Trigger phrases: add DAST scan, dynamic application security testing, API DAST, configure Traceable, scan running app, add Burp Suite scan, add ZAP scan, add Nikto scan, runtime security scan, API security scan.

Core Features & Use Cases

• Insert DAST steps into existing SecurityTests stage or CI, or create a dedicated SecurityTests stage for runtime security testing.
• Supports API DAST (Traceable), Burp Suite Enterprise, ZAP, Nikto, and Nmap scanners, with guidance on mode selection and authentication.
• Works with running application instances; requires after-deployment execution and optional infrastructure choices (Harness Cloud or KubernetesDirect).

Quick Start

Provide the Traceable domain, scan ID, and a token secret to configure an API DAST scan in your existing pipeline.