DAST (Dynamic Application Security Testing)
DAST tests a running application from the outside — black-box probing for vulnerabilities visible only at runtime.
Definition
Dynamic Application Security Testing (DAST) is the analysis of a running application — usually a web application or API — by sending probes from the outside and watching responses. DAST tools spider the application, fuzz inputs, and look for canonical attack signatures: SQL error messages, XSS reflections, command-injection delay markers.
DAST catches bugs that SAST misses (runtime-only configuration flaws, authentication issues, missing security headers) and misses bugs that SAST catches (deep-stack vulnerabilities in code paths the spider never reached). DAST, SAST and manual review are complementary approaches.
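The response-analysis half of a DAST scan, as an added example that is not code from any particular scanner: it checks captured responses for the signatures named above (database error text, an unencoded echo of a probe marker, a timing delay) and for missing security headers. The names `analyze` and `CANARY`, the header policy, the 5-second delay and the sample responses are assumptions constructed for illustration.

```python
import html
import re

# Constructed canary with HTML metacharacters: an unencoded echo is
# distinguishable from a correctly escaped one. Not an attack payload.
CANARY = 'dast<"7f3a>'
# Well-known database error strings (illustrative, not exhaustive).
SQL_ERRORS = re.compile(
    r"you have an error in your sql syntax|unclosed quotation mark"
    r"|ORA-\d{5}|syntax error at or near", re.IGNORECASE)
# Assumed header policy for this example.
REQUIRED_HEADERS = ("content-security-policy", "strict-transport-security",
                    "x-content-type-options")

def analyze(response, baseline_seconds, delay_seconds=5.0):
    """Return sorted finding labels for one captured response (dict with
    'headers', 'body', 'elapsed' seconds); baseline_seconds is the unprobed time."""
    findings = set()
    body = response["body"]
    present = {name.lower() for name in response["headers"]}
    if SQL_ERRORS.search(body):
        findings.add("sql-error-message")
    # Only the raw canary is reported; the html.escape()d form is the safe case.
    if CANARY in body:
        findings.add("unencoded-reflection")
    # Delay marker: the response slowed by about the requested delay (assumed 5 s).
    if response["elapsed"] - baseline_seconds >= 0.9 * delay_seconds:
        findings.add("timing-delay")
    findings.update("missing-header:" + h for h in REQUIRED_HEADERS
                    if h not in present)
    return sorted(findings)

# Constructed sample responses (not captured from any real system).
SECURE_HEADERS = {"Content-Security-Policy": "default-src 'self'",
                  "Strict-Transport-Security": "max-age=31536000",
                  "X-Content-Type-Options": "nosniff"}
SAMPLES = {
    "escaped": {"headers": SECURE_HEADERS, "elapsed": 0.12,
                "body": "<p>Results for " + html.escape(CANARY) + "</p>"},
    "reflected": {"headers": {"Content-Type": "text/html"}, "elapsed": 0.11,
                  "body": "<p>Results for " + CANARY + "</p>"},
    "db_error": {"headers": SECURE_HEADERS, "elapsed": 5.3,
                 "body": "You have an error in your SQL syntax near ''"},
}

if __name__ == "__main__":
    for name, resp in SAMPLES.items():
        print(name, analyze(resp, baseline_seconds=0.1))
```

The escaped sample produces no findings, which is the point of comparing the raw canary rather than any echo of it: a correctly encoded reflection is not a defect.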
Mitigation
Not applicable.