Post-phase: Dynamic Application Security Testing (DAST)
The Post-phase scan analyzes your running application from the outside in, simulating real-world attacks to find vulnerabilities in a deployed environment.
Example Workflow: DAST Scan
This scan should be triggered after your application has been successfully deployed to a staging or production environment.
jobs:
  dast-scan:
    name: Post-phase - DAST Scan
    runs-on: ubuntu-latest
    steps:
      - name: Run Hashsecured Post-phase Scan
        uses: clockhash-kiran/scan-actions/post-phase@main
        with:
          target_url: 'https://your-deployed-app.com'
          user_id: 'YOUR_USER_ID'
          project_id: 'YOUR_PROJECT_ID'
          api_token: ${{ secrets.Hashsecured_API_TOKEN }}
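One way to enforce the "after a successful deployment" trigger described above, as an added example that is not part of the original documentation. It assumes a separate deployment workflow named `Deploy to Staging` (a hypothetical name) and that the action needs no repository write access; the action reference and its inputs are the ones shown on this page.

```yaml
name: Post-phase DAST

# Assumption: "Deploy to Staging" is a hypothetical name; replace it with
# the name of the workflow that deploys your application.
on:
  workflow_run:
    workflows: ["Deploy to Staging"]
    types: [completed]

# Assumption: the scan only needs the API token passed below, so the
# workflow's GITHUB_TOKEN is restricted to read-only access.
permissions:
  contents: read

jobs:
  dast-scan:
    name: Post-phase - DAST Scan
    runs-on: ubuntu-latest
    # workflow_run also fires when the deployment failed or was cancelled;
    # run the scan only when the deployment concluded successfully.
    if: ${{ github.event.workflow_run.conclusion == 'success' }}
    steps:
      - name: Run Hashsecured Post-phase Scan
        # @main is a mutable ref: the code that receives api_token can change
        # without review. Pin to a full commit SHA you have reviewed.
        uses: clockhash-kiran/scan-actions/post-phase@main
        with:
          target_url: 'https://your-deployed-app.com'
          user_id: 'YOUR_USER_ID'
          project_id: 'YOUR_PROJECT_ID'
          api_token: ${{ secrets.Hashsecured_API_TOKEN }}
```

A `workflow_run` trigger only takes effect when this workflow file is on the repository's default branch.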