There are various methods for Web application security scanning.
Vex is a DAST tool, which performs security scanning based on HTTP requests and responses recorded on the tool.
[General flow of Vex scan]
Vex is placed between a client and an application server to be scanned as a proxy server and records HTTP requests and responses.Not limited to Web browser screens, but acquiring logs and scanning are possible to any target in which HTTP communication logs are generated.
[Related article]"Specifications to which Vex security scan is applicable/not applicable"
<Image of acquiring logs>
Vex generates a request in which a scanning value (*) is inserted based on the log recorded, and analyzes the response to determine if there are vulnerabilities.
3 parts to which a scanning value is inserted are described below.
*Generic values are selected for the values to be sent by Vex in order to prevent the target from being affected by sending them (i.e. The values are not effective as an exploit, but will change the behavior of the application if a vulnerability exists).
<Image of Vex scan>
*Note that the logic for detecting vulnerabilities varies depending on the signature, but it is common that the signatures mechanically detect vulnerabilities based on the responses received from the target server.