Interactive application security testing explained
Interactive application security testing (abbreviated as IAST)[1] is a security testing method that detects software vulnerabilities by interacting with the program while observing it through sensors.[2][3] The tool was launched by several application security companies.[4] It is distinct from static application security testing, which does not interact with the program, and from dynamic application security testing, which treats the program as a black box. It may be considered a mix of both.[5]
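The contrast with black-box testing described above, as an added example (not code from any IAST product or from the sources cited here): a simplified in-process sensor records request inputs and inspects each SQL statement at the database call while ordinary functional tests exercise two handlers. The Sensor class, the handler names and the value-matching check are assumptions made for illustration.

```python
import sqlite3

class Sensor:
    """Hypothetical in-process sensor: records inputs at the entry point and
    inspects every SQL statement at the sink while the app is exercised."""
    def __init__(self):
        self.inputs = []      # values seen at the source (request input)
        self.findings = []    # (handler name, SQL text) pairs

    def source(self, value):
        self.inputs.append(value)
        return value

    def execute(self, conn, handler, sql, params=()):
        # Finding: a request value is embedded in the SQL text itself
        # instead of being passed as a bound parameter.
        if any(v and v in sql for v in self.inputs):
            self.findings.append((handler, sql))
        return conn.execute(sql, params)

def make_db():
    # Constructed sample data, held in memory only.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'admin')")
    return conn

def lookup_concat(conn, sensor, name):
    # Builds the query by string concatenation (the pattern to be flagged).
    name = sensor.source(name)
    sql = "SELECT role FROM users WHERE name = '" + name + "'"
    return sensor.execute(conn, "lookup_concat", sql).fetchall()

def lookup_bound(conn, sensor, name):
    # Passes the value as a bound parameter.
    name = sensor.source(name)
    sql = "SELECT role FROM users WHERE name = ?"
    return sensor.execute(conn, "lookup_bound", sql, (name,)).fetchall()

def run_functional_tests():
    """The 'interaction': ordinary test traffic with a benign input."""
    conn, sensor = make_db(), Sensor()
    results = [lookup_concat(conn, sensor, "alice"),
               lookup_bound(conn, sensor, "alice")]
    return results, sensor.findings
```

Both handlers return the same rows for the benign input, so the responses alone do not distinguish them; only the sensor's view of the query at the sink does.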
Notes and References
- Mike Chapple; James Michael Stewart; Darril Gibson (2021). (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide. John Wiley & Sons. ISBN 978-1-119-78624-5.
- "OWASP DevSecOps Guideline - v-0.2 | OWASP Foundation". Owasp.org.
- "What is IAST: Interactive Application Security Testing". www.softwaretestinghelp.com.
- Tanya Janca (2020). Alice and Bob Learn Application Security. John Wiley & Sons. pp. 140–. ISBN 978-1-119-68735-1.
- Aaron Walker (August 14, 2019). "SAST vs. DAST: Application Security Testing Explained". www.g2.com. Archived at https://web.archive.org/web/20220720103658/https://www.g2.com/articles/sast-vs-dast on 2022-07-20.