Difference between revisions of "Dynamic Application Security Testing"
Jump to navigation
Jump to search
(Removed redirect to Application Security Testing) Tag: Removed redirect |
|||
(14 intermediate revisions by 2 users not shown) | |||
Line 2: | Line 2: | ||
+ | * [[Cross-site scripting]] | ||
+ | * [[Injection]]: Injection flaws, such as [[SQL injection]], NoSQL, OS, and [[LDAP]] injection. | ||
+ | * [[Path disclosure]] | ||
+ | * [[Denial-of-service attack|Denial-of-service]] | ||
+ | * [[Arbitrary code execution|Code execution]] | ||
+ | * [[Memory corruption]] | ||
+ | * [[Cross-site request forgery]] | ||
+ | * [[Data breach|Information disclosure]] | ||
+ | * [[File inclusion vulnerability|Arbitrary file]] | ||
+ | * [[File inclusion vulnerability|Local file inclusion]] | ||
+ | * [[File inclusion vulnerability|Remote file inclusion]] | ||
+ | * [[Buffer overflow]] | ||
+ | |||
+ | As of 2019 there is no [[Synopsys]] [[DAST]] on-premises product. | ||
+ | |||
+ | == Software == | ||
+ | * [[GitLab Ultimate]] since January 2018 10.4 https://about.gitlab.com/releases/2018/01/22/gitlab-10-4-released/, https://docs.gitlab.com/ee/user/application_security/dast/ | ||
+ | * [[GitLab Auto DAST]] | ||
+ | * [[OWASP ZAP]] | ||
+ | * GitLab DAST API and API Fuzzing speed improvements | ||
+ | * [[GitLab]] DAST API analyzer for on-demand DAST API scans | ||
+ | |||
+ | == Related terms == | ||
+ | * {{AST}} | ||
+ | * [[Browser-based DAST]] | ||
== See also == | == See also == | ||
+ | * [[Security scanners]] | ||
* [[Application Security Testing]] | * [[Application Security Testing]] | ||
+ | * [[Manual Penetration Testing]] (MPT) | ||
+ | * {{DAST}} | ||
+ | * {{AST}} | ||
+ | |||
+ | [[Category:Security]] |
Latest revision as of 19:30, 17 January 2023
- Cross-site scripting
- Injection: Injection flaws, such as SQL injection, NoSQL, OS, and LDAP injection.
- Path disclosure
- Denial-of-service
- Code execution
- Memory corruption
- Cross-site request forgery
- Information disclosure
- Arbitrary file
- Local file inclusion
- Remote file inclusion
- Buffer overflow
As of 2019 there is no Synopsys DAST on-premises product.
Software[edit]
- GitLab Ultimate since January 2018 10.4 https://about.gitlab.com/releases/2018/01/22/gitlab-10-4-released/, https://docs.gitlab.com/ee/user/application_security/dast/
- GitLab Auto DAST
- OWASP ZAP
- GitLab DAST API and API Fuzzing speed improvements
- GitLab DAST API analyzer for on-demand DAST API scans
Related terms[edit]
- Application Security Testing (SAST, DAST, IAST): Fortify WebInspect, GitLab Ultimate, flawfinder, Kubesec, Coverity, SonarQube, SCA, Checkmarx
- Browser-based DAST
See also[edit]
Advertising: