Difference between revisions of "Application Security Testing (AST)"
Jump to navigation
Jump to search
Tags: Mobile web edit, Mobile edit |
|||
Line 35: | Line 35: | ||
== See also == | == See also == | ||
* [[RASP]] | * [[RASP]] | ||
+ | * {{DAST}} | ||
* {{AST}} | * {{AST}} | ||
* {{Gartner}} | * {{Gartner}} | ||
− | |||
[[Category:Security]] | [[Category:Security]] |
Revision as of 14:40, 3 August 2021
This article is a Draft. Help us to complete it.
wikipedia:Application Security Testing
- Static Application Security Testing (SAST)
- Dynamic Application Security Testing (DAST)
- Interactive Application Security Testing (IAST), for example, instrumenting the Java Virtual Machine (JVM) or .NET CLR. For example: Seeker (Synopsys)
- Synopsys: Coverity (2002) No DAST on-premises product
- Veracode: AST tools, only AST as a service.
- Micro Focus: Fortify WebInspect. As a product, as well as in the cloud.
- Checkmarx
- WhiteHat Security
- Qualys: glibc
- Rapid7
- CAST
- Contrast Security
- Acunetix
- Positive Technologies
- SiteLock
- Trustwave
- SonarQube 2006-2007
Other vendors: edgescan, Fasoo, GitLab, GrammaTech, ImmuniWeb, Kiuwan, Netsparker, NSFOCUS, N-Stalker, Onapsis (Virtual Forge), PortSwigger, Positive Technologies, SiteLock, SonarQube, Trustwave and Wallarm
Other applications: kubesec, flawfinder
Related terms
- Software Composition Analysis (SCA)
- ASLR, PIE, and NX
See also
- RASP
- DAST, SQL injection, Denial-of-service attack (DoS attack), Buffer overflow
- Application Security Testing (SAST, DAST, IAST): Fortify WebInspect, GitLab Ultimate, flawfinder, Kubesec, Coverity, SonarQube, SCA, Checkmarx
- Research and analisys, Market Intelligence: Gartner, Gartner Magic Quadrant, Gartner hype cycle, Gartner Market Guide, Forrester: Forrester Wave, IDC, 451 Research, CB Insights, G2 Crowd, SIEM Magic Quadrant, Privileged Access Management, Nielsen, 451 Group (451 research), Gartner Cool Vendors in Cloud Computing, Capterra
Advertising: