WASViking Docs
⌘K
Introduction

Welcome to WASViking

What WASViking is, what it covers, and how to find your way around these docs.

WASViking is a continuous exposure management and DAST platform for modern web applications, APIs, and software supply chains. These docs cover the platform in full: concepts, capabilities, how to run a scan, how to integrate with your stack, and how to operate the evidence the platform produces.

What you can do with WASViking

WASViking ships three answers to the security leader, in one console:

  1. See what you expose. External and internal DAST, modern protocol coverage (REST, OpenAPI, GraphQL, SOAP/WSDL, WebSocket, JWT), asset inventory with drift detection.
  2. Know what is in your software. Cloud-side component detection, premise-side SBOM, CI/CD SCA gate, signed Evidence Bundle, daily OSV and CISA KEV ingest.
  3. Operate the evidence. Findings workflow with Risk Score, SLA digest, Exploit Path Graph, Posture Shares, compliance mapping across five frameworks.

How these docs are organized

  • Introduction explains the platform and how it works at a high level.
  • Getting Started walks a new user from account creation through the first scan, team setup, and authenticated scanning.
  • Concepts defines the vocabulary used across the product: targets, assets, findings, Risk Score, scan profiles, Environment Profile.
  • Capabilities documents each scanner and analyzer in detail.
  • Sentinel agent covers the on-premises agent: install, internal scanning, SBOM, secrets, and the CI/CD gate.
  • Integrations covers Jira, Slack and Teams, Webhooks, SAML SSO, and SIEM destinations.
  • API Reference documents the public REST API, scopes, endpoints, and webhook events.
  • Compliance maps findings to PCI DSS v4.0, LGPD, GDPR, BACEN, and ISO 27001:2022, and explains the Evidence Bundle.
  • Partner Console is for resellers and MSSPs operating WASViking on behalf of customers.
  • Security describes the platform architecture, tenant isolation, and how to report a vulnerability responsibly.

Where to start

If you are evaluating WASViking, start with Platform overview.

If you have an account and want to run your first scan, go to Your first scan.

If you are integrating WASViking into a CI/CD pipeline, head to the Sentinel agent section.

How to give feedback

Email [email protected]. We read every message.