👋 Welcome
Welcome to NightVision! We're excited you're here 😃
NightVision is a white-box-assisted Dynamic Application Security Testing (DAST) tool. NightVision helps you identify security vulnerabilities in web applications and REST APIs to secure your systems and keep your data safe.
Here's how it works:
NightVision acts like a see-through lock for AppSec testing 🔐. NV analyzes the code (looking at the lock's inner mechanics) before simulating attacks (picking the lock), and then traces exploitable vulnerabilities back to their origin in the code, surfacing them in GitHub Security Alerts, Azure DevOps, or other supported integrations.
With over 80% of REST APIs being undocumented (and untested for security issues), NightVision can help you illuminate and test shadow APIs and existing APIs across your portfolio. Learn more about API Discovery here.
Use Cases
- Automate scans in CI/CD Pipelines: NightVision specializes in scanning apps and APIs within CI/CD pipelines. Scans complete in a few minutes!
- Pentesting: NV can also be used for pentesting from your laptop, or within a cloud environment.
- Developer Self-service scans: NightVision is developer friendly! It's easy to use, so developers can use it from the command line or the VS Code Extension, even if they aren't security experts.
Getting Started
We've put together some helpful guides to help you get set up with NightVision quickly and easily.
- Quickstart
- Key Concepts
- API Discovery
- DAST Scans
- Tutorials and Guides
- GitHub Actions