Proposal to Customize DAST with Interactive Pre-Scan Workflows

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

Problem to Solve

As an app sec analyst, I want to be able to use DAST to scan a specific module of my application, so that I can run security tests on a small portion of my application.

Proposal

This proposal suggests extending GitLab's DAST capabilities to support interactive pre-scan workflows, allowing users to define specific paths, interactions, and form submissions before initiating the security scan. This feature will enable more targeted security testing of specific plugins, modules, or areas of the application that require authentication or complex user interactions to access.

This came up in a Zendesk Ticket - internal only

PM to mention: @smeadzinger