Interactive application security testing

Last updated

Interactive application security testing (abbreviated as IAST) [1] is a security testing method that detects software vulnerabilities by interaction with the program coupled with observation and sensors. [2] [3] The tool was launched by several application security companies. [4] It is distinct from static application security testing, which does not interact with the program, and dynamic application security testing, which considers the program as a black box. It may be considered a mix of both. [5]

References

  1. Mike Chapple; James Michael Stewart; Darril Gibson (2021). (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide. John Wiley & Sons. ISBN   978-1-119-78624-5.
  2. "OWASP DevSecOps Guideline - v-0.2 | OWASP Foundation". Owasp.org.
  3. "What is IAST: Interactive Application Security Testing". www.softwaretestinghelp.com.
  4. Tanya Janca (2020). Alice and Bob Learn Application Security. John Wiley & Sons. pp. 140–. ISBN   978-1-119-68735-1.
  5. Aaron Walker (August 14, 2019). "SAST vs. DAST: Application Security Testing Explained". www.g2.com. Archived from the original on 2022-07-20.


This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.