Use AI-assisted Authentication (Early Access)
Learn how to configure AI-assisted Authentication for Polaris fAST Dynamic to simplify DAST scans of sites that require authentication.
Overview
AI-assisted Authentication for fAST Dynamic uses machine learning, computer vision techniques, and a large language model (LLM) to automate the login process for DAST tests on web application targets.
To set up AI-assisted Authentication, you provide a login URL, username and password, and multi-factor authentication (MFA) details (if needed). When you start a DAST scan, AI-assisted Authentication does the following:
- Captures screenshots of input forms, buttons (e.g. Login, Submit), and other relevant UI elements.
- Dismisses cookie popups and banners.
- Analyzes screenshots with an LLM to create a customized authentication script.
- Completes all login steps automatically.
- Triggers a fAST Dynamic DAST scan of the web application.
You do not need to configure CSS selectors, form values, or other advanced authentication settings because they will be auto-detected.
The feature is currently supported for two authentication methods:
- Simple authentication: Form-based authentication via a username and password. Single-page and multi-page login sequences are both supported.
- Time-based one-time password (TOTP) MFA and email MFA.
Security controls such as CAPTCHAs and security questions are not supported.
Data privacy
The AI-assisted Authentication feature of Polaris fAST Dynamic communicates with an LLM that runs on a private cloud service. Please note:
- None of the prompts or responses exchanged between the feature and the LLM are used to:
- Train or improve the LLM.
- Improve the LLM provider's other products or services.
- To facilitate AI-assisted Authentication, screenshots of login pages associated with the login URL that you configure in your authentication profile are sent to the LLM.
- No source code, site credentials, or confidential information are transmitted to the LLM.
- Data exchanged between the feature and the LLM is encrypted for storage and transmission.
Enable AI-assisted Authentication
Note that fAST Dynamic does not support multiple authentication profiles at this time. The scanner will default to the first authProfile in the array if multiple profiles are defined.