Difference between revisions of "Application Security Testing (AST)"
Jump to navigation
Jump to search
Line 4: | Line 4: | ||
* [[Static Application Security Testing (SAST)]] | * [[Static Application Security Testing (SAST)]] | ||
* [[Dynamic Application Security Testing]] ([[DAST]]) | * [[Dynamic Application Security Testing]] ([[DAST]]) | ||
− | * Interactive | + | * [[Interactive Application Security Testing]] ([[IAST]]), for example, instrumenting the [[Java Virtual Machine]] (JVM) or .NET CLR. For example: [[Seeker]] |
Revision as of 17:08, 9 February 2020
This article is a Draft. Help us to complete it.
- Static Application Security Testing (SAST)
- Dynamic Application Security Testing (DAST)
- Interactive Application Security Testing (IAST), for example, instrumenting the Java Virtual Machine (JVM) or .NET CLR. For example: Seeker
- Synopsys: no DAST on-premises product
- Veracode: AST tools, only AST as a service.
- Micro Focus: as a product, as well as in the cloud.
- Checkmarx
- WhiteHat Security
- Qualys
- Rapid7
- CAST
- Contrast Security
- Acunetix
- Positive Technologies
- SiteLock
- Trustwave
See also
- Security: Security portfolio, Security standards, Hardening, CVE, CWE, Wireless Network Hacking, vulnerability scanner, Security risk assessment, SCA, Application Security Testing, OWASP, Data leak, NIST, SANS, MITRE, Security policy, Access Control attacks, password policy, password cracking, Password manager, MFA, OTP, UTF, Firewall, DoS, Software bugs, MITM, Certified Ethical Hacker (CEH) Contents, Security+ Malware, FIPS, DLP, Network Access Control (NAC), VAPT, SIEM, EDR, SOC, pentest, PTaaS, Clickjacking, MobSF, Janus vulnerability, Back Orifice, Backdoor, CSO, CSPM, PoLP, forensic, encryption, Keylogger, Pwn2Own, CISO, Prototype pollution
Advertising: