Difference between revisions of "Dynamic Application Security Testing"
Jump to navigation
Jump to search
Line 20: | Line 20: | ||
== Software == | == Software == | ||
* [[GitLab Ultimate]] since January 2018 10.4 https://about.gitlab.com/releases/2018/01/22/gitlab-10-4-released/, https://docs.gitlab.com/ee/user/application_security/dast/ | * [[GitLab Ultimate]] since January 2018 10.4 https://about.gitlab.com/releases/2018/01/22/gitlab-10-4-released/, https://docs.gitlab.com/ee/user/application_security/dast/ | ||
+ | * [[GitLab Auto DAST]] | ||
* [[OWASP ZAP]] | * [[OWASP ZAP]] | ||
Revision as of 04:55, 17 August 2022
- Cross-site scripting
- Injection: Injection flaws, such as SQL injection, NoSQL, OS, and LDAP injection.
- Path disclosure
- Denial-of-service
- Code execution
- Memory corruption
- Cross-site request forgery
- Information disclosure
- Arbitrary file
- Local file inclusion
- Remote file inclusion
- Buffer overflow
As of 2019 there is no Synopsys DAST on-premises product.
Software
- GitLab Ultimate since January 2018 10.4 https://about.gitlab.com/releases/2018/01/22/gitlab-10-4-released/, https://docs.gitlab.com/ee/user/application_security/dast/
- GitLab Auto DAST
- OWASP ZAP
Related terms
- Application Security Testing (SAST, DAST, IAST): Fortify WebInspect, GitLab Ultimate, flawfinder, Kubesec, Coverity, SonarQube, SCA, Checkmarx
See also
Advertising: