DAST (Dynamic Application Security Testing)

DAST tests a running application from the outside — black-box probing for vulnerabilities visible only at runtime.

Definition

Dynamic Application Security Testing (DAST) is the analysis of a running application — usually a web application or API — by sending probes from the outside and watching responses. DAST tools spider the application, fuzz inputs, and look for canonical attack signatures: SQL error messages, XSS reflections, command-injection delay markers.

DAST catches bugs SAST misses (runtime-only configuration flaws, authentication issues, missing security headers) and misses bugs SAST catches (deep-stack vulnerabilities the spider never reached). DAST, SAST, and manual review are complementary approaches.
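The response-analysis half of a scanner, as an added example that is not taken from any particular DAST tool: it classifies captured responses by the signature classes named above (SQL error text, an unencoded reflection of an inert canary, a timing delay, missing security headers). The `Response` type, the canary string, the header list, the thresholds and all sample responses are constructed for illustration.

```python
import html
import re
from dataclasses import dataclass, field

# Database error fragments that commonly leak into responses (illustrative, not exhaustive).
SQL_ERRORS = re.compile(
    r"You have an error in your SQL syntax|ORA-\d{5}|"
    r"unterminated quoted string|SQLITE_ERROR|Unclosed quotation mark",
    re.I,
)
REQUIRED_HEADERS = ("content-security-policy", "strict-transport-security",
                    "x-content-type-options")  # assumed baseline policy

@dataclass
class Response:  # constructed stand-in for a captured HTTP response
    body: str
    elapsed: float  # seconds
    headers: dict = field(default_factory=dict)

def analyze(resp, canary, baseline, delay=5.0):
    """Return the finding classes that one probe response supports."""
    findings = []
    if SQL_ERRORS.search(resp.body):
        findings.append("sql-error-leak")
    # A canary containing markup characters that comes back raw is a reflection;
    # if only the HTML-escaped form appears, output encoding is working.
    if canary in resp.body and html.escape(canary) != canary:
        findings.append("unencoded-reflection")
    # Delay marker: the response took roughly `delay` seconds longer than baseline.
    if resp.elapsed - baseline >= delay * 0.9:
        findings.append("timing-delay")
    present = {k.lower() for k in resp.headers}
    findings += [f"missing-header:{h}" for h in REQUIRED_HEADERS if h not in present]
    return findings

CANARY = "<dast-canary-7f3a>"  # constructed, inert marker
HARDENED = {"Content-Security-Policy": "default-src 'self'",
            "Strict-Transport-Security": "max-age=63072000",
            "X-Content-Type-Options": "nosniff"}
SAMPLES = {  # constructed responses, one per signature class
    "clean": Response(f"<p>Results for {html.escape(CANARY)}</p>", 0.12, HARDENED),
    "reflect": Response(f"<p>Results for {CANARY}</p>", 0.11, HARDENED),
    "sqlerr": Response("Warning: You have an error in your SQL syntax near ''", 0.10, HARDENED),
    "slow": Response("<p>ok</p>", 5.14, HARDENED),
    "bare": Response("<p>ok</p>", 0.09, {}),
}

def run_samples(baseline=0.10):
    return {name: analyze(r, CANARY, baseline) for name, r in SAMPLES.items()}
```

`run_samples()` returns the findings per sample; the `clean` case shows why the escaped canary must not count as a reflection.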

Mitigation

Not applicable.
