Static Application Security Testing

What Does Static Application Security Testing Mean?

Static application security testing (SAST) is a type of security testing that relies on inspecting the source code of an application. In general, SAST involves looking at the ways the code is designed to pinpoint possible security flaws.

Advertisements

Techopedia Explains Static Application Security Testing

SAST is often contrasted with another term that is, in some ways, opposite to it: dynamic application security testing (DAST). The difference between these two is that, with SAST, testers read the source code. They look for logical flaws, such as a loophole in data control, something that a hacker could use to gain access to the system. In contrast, in DAST, testers do not look at the source code but perform behavioral testing instead — they run the application and look for flaws that way.

IT experts also differentiate between the two using the terms "white box testing" and "black box testing." SAST is white box testing because the source code for the application is available and transparent. That is what testers look at. In contrast, DAST is black box testing because the source code is not part of the equation. Instead, black box testers rely solely on the behavior of the application.

Advertisements

Related Terms

Latest Privacy and Compliance Terms

Related Reading

Margaret Rouse
Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine.Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…

Related News

dummy_img
Artificial Intelligence

The Role AI Can Play in Pharmaceutical Discovery

Nicole Willing9 years
dummy_img
Cryptocurrency

Friend.Tech SIM Swap Attacks: Analysis and Protective Measures

Sam Cooling9 years
dummy_img
Trading

Admirals Is Helping UK Traders Trade More For Less With Extended Hours And Tight Spreads

Yash Majithia9 yearsEditor
dummy_img
Cyber Threats

Cybersecurity Awareness Month: Four Safety Steps to Take Today

Neil C. Hughes9 yearsSenior Tech Writer
dummy_img
Business Intelligence (BI)

How the Metaverse Can Transform the Service Industry

Assad Abbas9 yearsAssociate Professor of Computer Science
dummy_img
Artificial Intelligence

How Google DeepMind’s OPRO Transforms LLMs into Problem-Solving Tools

Dr. Tehseen Zia9 yearsTenured Associate Professor

Popular Categories
Show All

Antivirus
Antivirus
Artificial Intelligence
Artificial Intelligence
Audio
Audio
CRM
CRM
Cryptocurrency
Cryptocurrency
Gambling
Gambling
Gaming
Gaming
HR
HR
Laptops
Laptops
Network
Network
Password Managers
Password Managers
Project Management
Project Management
Spy
Spy
Trading
Trading
VoIP
VoIP
VPN
VPN