Dynamic Application Security Testing (DAST)
Dynamic application security testing (DAST) is a process of testing an application or software product in an operating state. This kind of testing is helpful for industry-standard compliance and general security protections for evolving projects.
Typically, IT professionals contrast dynamic application security testing (DAST) with another type of testing, static application security testing (SAST). Whereas DAST involves operational testing, SAST involves looking at the source code and theorizing about security vulnerabilities or spotting design and construction flaws with potential for vulnerability. Moreover, DAST may be called “behavioral testing” in that testers often find problems that are not specifically linked to a code module, but happened during use. The task then is to trace them back to their roots in terms of the software design.
Tech companies offer both DAST and SAST services. Typically, these cover different types of ground in comprehensive testing processes — for example, DAST may only cover certain parts of the interface or design. Using DAST and SAST in combination can help catch different types of security problems before a product is released or develops a growing user base.