Application Security Testing (AST)
Jump to navigation
Jump to search
This article is a Draft. Help us to complete it.
wikipedia:Application Security Testing
- Static Application Security Testing (SAST)
- Dynamic Application Security Testing (DAST)
- Interactive Application Security Testing (IAST), for example, instrumenting the Java Virtual Machine (JVM) or .NET CLR. For example: Seeker (Synopsys)
- Synopsys: Coverity (2002) No DAST on-premises product
- Veracode: AST tools, only AST as a service.
- Micro Focus: Fortify WebInspect. As a product, as well as in the cloud.
- Checkmarx
- WhiteHat Security
- Qualys: glibc
- Rapid7
- CAST
- Contrast Security
- Acunetix
- Positive Technologies
- SiteLock
- Trustwave
- SonarQube 2006-2007
Other vendors: edgescan, Fasoo, GitLab, GrammaTech, ImmuniWeb, Kiuwan, Netsparker, NSFOCUS, N-Stalker, Onapsis (Virtual Forge), PortSwigger, Positive Technologies, SiteLock, SonarQube, Trustwave and Wallarm
Other applications: kubesec, flawfinder
Related terms[edit]
- Software Composition Analysis (SCA)
- ASLR, PIE, and NX
- Gartner Application Security Testing (AST) MQ
- Threat detection
- Cloud security
See also[edit]
- RASP
- DAST, SQL injection, Denial-of-service attack (DoS attack), Buffer overflow
- Application Security Testing (SAST, DAST, IAST): Fortify WebInspect, GitLab Ultimate, flawfinder, Kubesec, Coverity, SonarQube, SCA, Checkmarx
- Research and analisys, Market Intelligence: Gartner, Gartner Magic Quadrant, Gartner hype cycle, Gartner Market Guide, Forrester: Forrester Wave, IDC, 451 Research, CB Insights, G2 Crowd, SIEM Magic Quadrant, Privileged Access Management, Nielsen, 451 Group (451 research), Gartner Cool Vendors in Cloud Computing, Capterra
Advertising:
