
DAST

Automatic Dynamic Application Security Testing (DAST) refers to security tests performed at the application level by building or executing the application and reviewing its build and runtime environments. The build or runtime can be tested in various ways, such as reviewing the resources the application accesses at build time or runtime and verifying that this access complies with a given policy or is appropriate to the application's declarations. Another way to test the application dynamically is fuzz testing: running the application with unexpected inputs and known malicious payloads while reviewing its behaviour and output to assess whether it is vulnerable.

Automated DAST can be used as an automated security tool in the CI pipeline, as well as for continuous automation over production environments.
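The resource-access review described above can be sketched as a CI gate. This is an added example, not code from the original page; the policy layout, the trace line format and all host names and paths are constructed assumptions.

```python
import posixpath

# Constructed policy: resources the application declares it needs.
POLICY = {
    "net": {"pkg.example.org", ".internal.example"},  # exact host or ".suffix"
    "file_read": {"/app/", "/usr/lib/"},
    "file_write": {"/app/build/", "/tmp/"},
}

# Constructed trace, in the shape a sandbox or tracer might record it.
OBSERVED = """\
net connect pkg.example.org:443
net connect api.internal.example:8443
net connect pkg.example.org.cdn.example:443
file_read /app/src/index.js
file_read /app/../etc/passwd
file_write /app/build/out.js
file_write /home/ci/.ssh/authorized_keys
"""

def host_allowed(host, rules):
    """Exact match, or suffix match on a label boundary for '.suffix' rules."""
    host = host.lower().rstrip(".")
    return any(host.endswith(r) if r.startswith(".") else host == r for r in rules)

def path_allowed(path, prefixes):
    """Normalise first so '..' segments cannot escape an allowed prefix."""
    norm = posixpath.normpath(path)
    return any(norm == p.rstrip("/") or norm.startswith(p) for p in prefixes)

def audit(trace, policy):
    """Return every observed event that the declared policy does not cover."""
    violations = []
    for line in trace.splitlines():
        parts = line.split()
        if not parts:
            continue
        kind = parts[0]
        if kind == "net" and len(parts) == 3:
            ok = host_allowed(parts[2].rsplit(":", 1)[0], policy["net"])
        elif kind in ("file_read", "file_write") and len(parts) == 2:
            ok = path_allowed(parts[1], policy[kind])
        else:
            ok = False  # unknown or malformed events fail closed
        if not ok:
            violations.append(line)
    return violations

if __name__ == "__main__":
    found = audit(OBSERVED, POLICY)
    print("\n".join(found))
    raise SystemExit(1 if found else 0)  # non-zero exit fails the pipeline step
```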

Related Terms

Application-Security-Management
