Akto DAST

Akto DAST (Dynamic Application Security Testing) allows you to automatically scan and collect API endpoints and traffic data directly from your machine. This enables effective security testing without traffic mirroring or cloud agent setup.

Getting Started

✅ Pre-requisite

Akto X-API-Key: Generate this from your Akto dashboard under Settings > Integrations > Akto API.

Steps to Start:

Navigate to the Quick Start > Akto DAST section in your Akto dashboard.
Enter your website URL and Akto X-API-Key.
(Optional) If your site requires login, check the box and provide your email and password.
Adjust crawl configurations as needed.
Click Crawl to start capturing traffic and discovering APIs.

Akto DAST Options

Option

Description

Maximum page visits

Maximum visits per page during crawling (e.g., 2).

DOM load timeout (ms)

Time to wait for DOM to fully load before analyzing (e.g., 3000).

Click external links

Allow the crawler to navigate to external domains (checkbox).

After Crawling

Once the crawl is complete:

A new Collection will be created based on your domain name. For example, if your website is https://app.akto.io, a collection named app.akto.io will be created.
If a collection with that domain name already exists, the new data will be merged into the existing collection instead of creating a duplicate.

You can view and manage this collection under the API Discovery > Collections page in your Akto dashboard.

Get Support for your Akto setup

There are multiple ways to request support from Akto. We are 24X7 available on the following:

In-app intercom support. Message us with your query on intercom in Akto dashboard and someone will reply.
Join our discord channel for community support.
Contact [email protected] for email support.
Contact us here.

PreviousFAQs on data concerns NextTraffic Data Sources

Last updated 1 day ago

Was this helpful?