Dynamic Application Security Testing

Why Trust Techopedia

What Does Dynamic Application Security Testing Mean?

Dynamic application security testing (DAST) is a process of testing an application or software product in an operating state. This kind of testing is helpful for industry-standard compliance and general security protections for evolving projects.

Advertisements

Techopedia Explains Dynamic Application Security Testing

Typically, IT professionals contrast dynamic application security testing (DAST) with another type of testing, static application security testing (SAST). Whereas DAST involves operational testing, SAST involves looking at the source code and theorizing about security vulnerabilities or spotting design and construction flaws with potential for vulnerability. Moreover, DAST may be called "behavioral testing" in that testers often find problems that are not specifically linked to a code module, but happened during use. The task then is to trace them back to their roots in terms of the software design.

Tech companies offer both DAST and SAST services. Typically, these cover different types of ground in comprehensive testing processes — for example, DAST may only cover certain parts of the interface or design. Using DAST and SAST in combination can help catch different types of security problems before a product is released or develops a growing user base.

Advertisements

Related Terms

Margaret Rouse
Technology Expert
Margaret Rouse
Technology Expert

Margaret is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages.