Detectify integration for DAST
Problem to solve
Detectify is an automated scanner that checks web application for known vulnerabilities and monitors subdomains for hostile takeovers. It could be a good replacement for customers who don't want to use our ZAP integration.
- Delaney, Development Team Lead, https://design.gitlab.com/research/personas#persona-delaney
- Sasha, Software Developer, https://design.gitlab.com/research/personas#persona-sasha
- Sam, Security Analyst), https://about.gitlab.com/handbook/marketing/product-marketing/roles-personas/#sam-security-analyst
Our Security Products follow a common report format (Even if DAST doesn't implement it yet: &810). As soon as a report if providing the required fields, in a valid JSON file, data can be provided by any kind of scanner.
Permissions and Security
We will have a new page explaining how to integrate Detectify with GitLab. This page can be linked from the dast page directly, or from a new "integrations for Security Products" page.
What does success look like, and how can we measure that?
- Number of users using Detectify for DAST (along with ZAP or not)
What is the type of buyer?