Jump to content

Wikipedia The Free Encyclopedia

Interactive application security testing

中文

From Wikipedia, the free encyclopedia

Security testing method

Interactive application security testing (abbreviated as IAST)^[1] is a security testing method that detects software vulnerabilities by interaction with the program coupled with observation and sensors.^[2]^[3] The tool was launched by several application security companies.^[4] It is distinct from static application security testing, which does not interact with the program, and dynamic application security testing, which considers the program as a black box. It may be considered a mix of both.^[5]

References

^ Mike Chapple; James Michael Stewart; Darril Gibson (2021). (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide. John Wiley & Sons. ISBN 978-1-119-78624-5.
^ "OWASP DevSecOps Guideline - v-0.2 | OWASP Foundation". Owasp.org.
^ "What is IAST: Interactive Application Security Testing". www.softwaretestinghelp.com.
^ Tanya Janca (2020). Alice and Bob Learn Application Security. John Wiley & Sons. pp. 140–. ISBN 978-1-119-68735-1.
^ Aaron Walker (August 14, 2019). "SAST vs. DAST: Application Security Testing Explained". www.g2.com. Archived from the original on 2022年07月20日.

This computer security article is a stub. You can help Wikipedia by expanding it.

v
t
e

Retrieved from "https://en.wikipedia.org/w/index.php?title=Interactive_application_security_testing&oldid=1277260897"

Hidden categories: