Fortinet black logo

User Guide

23.1.a
24.1.a
24.1.0
23.4.a
23.4.0
23.3.0
23.2.a
23.2.0
23.1.a
23.1.0
22.4.a
22.4.0
22.1.0

Support Matrix

Support Matrix

Supported Scanners

Scanner

Description
SAST

Scans the source code of an application during development to minimize zero-day vulnerabilities. The application languages supported for SAST are Shell, Java, Ruby on Rails, Python, Golang, PHP, JavaScript/NodeJS, C and C++.
SCA

Scans for vulnerabilities in the open-source libraries/components used by the application. The programming languages supported by the SCA scanner are Java, Javascript, Ruby, Python, Golang, and PHP.
Secret

Scans to detect certificates and other secrets committed into Git.
IaC

Scans your IaC configuration files for Terraform, Cloud Formation, Docker and Kubernetes, to detect configuration issues.
Container

Scans container components to identify potential vulnerabilities.
DAST

Scans a deployed application at runtime to detect vulnerabilities. The DAST scanner supports scanning of assets/targets hosted on both the internal network of an organization and the external/public network using FortiDAST proxy server. See FortiDAST Proxy Server.

The DAST scanner allows you to configure a full or a quick scan using the FortiDAST, for more information see FortiDAST Scanner.

  • Quick Scan : A quick scan is fast mode scanning that provides vulnerability assessment based on limited testing/scraping of the static pages of your asset. These pages are scraped by searching and extracting URLs from HTML tags and attributes.

  • Full scan: A full scan provides vulnerability assessment based on complete testing/scraping of the static and dynamic pages of your asset. The Crawler also performs browsing simulation such as clicking of buttons, links, and images to test the interaction between the dynamic pages and the browser. This mode of vulnerability assessment takes longer than a quick scan.

Supported CI/CD Pipeline Tools

Support for the following CI/CD tools is available. For more information, see Running the Security Scan

  • AWS CodePipeline
  • Azure DevOps
  • Bamboo
  • CircleCI
  • Drone CI
  • GCP Cloud Build
  • GitHub Actions
  • GitLab
  • Jenkins
  • Travis CI
Previous
Next

Support Matrix

Supported Scanners

Scanner

Description
SAST

Scans the source code of an application during development to minimize zero-day vulnerabilities. The application languages supported for SAST are Shell, Java, Ruby on Rails, Python, Golang, PHP, JavaScript/NodeJS, C and C++.
SCA

Scans for vulnerabilities in the open-source libraries/components used by the application. The programming languages supported by the SCA scanner are Java, Javascript, Ruby, Python, Golang, and PHP.
Secret

Scans to detect certificates and other secrets committed into Git.
IaC

Scans your IaC configuration files for Terraform, Cloud Formation, Docker and Kubernetes, to detect configuration issues.
Container

Scans container components to identify potential vulnerabilities.
DAST

Scans a deployed application at runtime to detect vulnerabilities. The DAST scanner supports scanning of assets/targets hosted on both the internal network of an organization and the external/public network using FortiDAST proxy server. See FortiDAST Proxy Server.

The DAST scanner allows you to configure a full or a quick scan using the FortiDAST, for more information see FortiDAST Scanner.

  • Quick Scan : A quick scan is fast mode scanning that provides vulnerability assessment based on limited testing/scraping of the static pages of your asset. These pages are scraped by searching and extracting URLs from HTML tags and attributes.

  • Full scan: A full scan provides vulnerability assessment based on complete testing/scraping of the static and dynamic pages of your asset. The Crawler also performs browsing simulation such as clicking of buttons, links, and images to test the interaction between the dynamic pages and the browser. This mode of vulnerability assessment takes longer than a quick scan.

Supported CI/CD Pipeline Tools

Support for the following CI/CD tools is available. For more information, see Running the Security Scan

  • AWS CodePipeline
  • Azure DevOps
  • Bamboo
  • CircleCI
  • Drone CI
  • GCP Cloud Build
  • GitHub Actions
  • GitLab
  • Jenkins
  • Travis CI
Previous
Next