Yes, WebInspect has an agent for .NET and JAVA based applications. For example, "For certain checks (such as SQL injection, command execution, and cross-site scripting), Fortify WebInspect Agent intercepts Fortify WebInspect HTTP requests and conducts runtime analysis on the target module."

www.microfocus.com/.../index.htm

Do we need to do any configuration or it happens automatically while scanning?

You will need to install the WebInspect Agent on the machine you are scanning. For example, if you are scanning a site hosted on IIS you would install the WebInspect Agent for .NET per the documentation. Once the agent is installed on the server, WebInspect should detect the presence of the agent.

Here is a YouTube video on how to install the .NET Agent - www.youtube.com/watch

From where can I download the executable to install agents for java and dotnet?

Answer posted here - community.microfocus.com/.../where-to-download-fortify_webinspect_runtime_agent_java_xx-x-tar-gz

Thanks for the detailed replies and your time Ethan.