Glossary
Dynamic Application Security Testing (DAST) is a security checking process that uses penetration tests on applications while they are running. This is performed without a view into the internal source code or application architecture – it essentially uses the same techniques that an attacker would use to find potential weaknesses. The more applications that are used to optimize a site, the more potential vulnerabilities there are to cyber-attack. A DAST test can look for a broad range of vulnerabilities, including input/output validation issues that could leave an application vulnerable to cross-site scripting or SQL injection.
Dynamic Application Security Testing (DAST) takes place once applications have gone into production or entered runtime, following earlier lifecycle stages. These runtime tests are important in catching cyber-attacks and threats that may only be obvious once an application has gone live.
DAST continually scans websites as they evolve and continues after execution, allowing for automatic detection and assessment of anomalous behavior and code alterations. Once a vulnerability is discovered, automated alerts can be prioritized.
Together with Static Application Security Testing (SAST), DAST is vital for web application security program effectiveness, since some errors and vulnerabilities only appear once production has started.
WhiteHat Sentinel Dynamic is part of a full suite of application security services provided by the WhiteHat Sentinel Application Security Platform. Learn more about how Sentinel can protect your applications across the whole software development lifecycle, and check out how our Service Delivery team works to verify all vulnerabilities, delivering near zero false positives so that you can focus on the real vulnerabilities that matter most.