- Listen to our monthly AppSec Stats Flash podcast
- LEARN MORE
Glossary
Dynamic analysis, also known as dynamic program analysis, is the evaluation of a program or technology using real-time data. This method of analysis can be done on a virtual processor or on a real processor. Instead of taking code offline, vulnerabilities and program behavior can be monitored while the program is running, providing visibility into its real-world behavior.
Static code analysis is done by examining the code without the need to execute the program. The process provides an understanding of the code structure and can help ensure that the code adheres to industry standards. All code is scanned to check for any vulnerabilities and ensure the code is validated.
Dynamic analysis adopts the opposite approach and is executed while a program is in operation. Dynamic analysis performs continuous and concurrent risk assessments, searching for vulnerabilities within web applications and speeding interventions.