Interactive application security testing

Interactive application security testing (abbreviated as IAST)^[1] is a security testing method that detects software vulnerabilities by interaction with the program coupled with observation and sensors.^[2]^[3] It is distinct from static application security testing, which does not interact with the program, and dynamic application security testing, which considers the program as a black box. It may be considered a mix of both.^[4]

References

^ Tanya Janca (2020). Alice and Bob Learn Application Security. John Wiley & Sons. pp. 140–. ISBN 978-1-119-68735-1.
^ "OWASP DevSecOps Guideline - v-0.2 | OWASP Foundation". Owasp.org.
^ "What is IAST: Interactive Application Security Testing". www.softwaretestinghelp.com.
^ Aaron Walker (August 14, 2019). "SAST vs. DAST: Application Security Testing Explained". www.g2.com. Archived from the original on 2022-07-20.

This computer security article is a stub. You can help Wikipedia by expanding it.

[Janca2020-1] Tanya Janca (2020). Alice and Bob Learn Application Security. John Wiley & Sons. pp. 140–. ISBN 978-1-119-68735-1.

[2] "OWASP DevSecOps Guideline - v-0.2 | OWASP Foundation". Owasp.org.

[3] "What is IAST: Interactive Application Security Testing". www.softwaretestinghelp.com.

[4] Aaron Walker (August 14, 2019). "SAST vs. DAST: Application Security Testing Explained". www.g2.com. Archived from the original on 2022-07-20.

[1]

[2]

[3]

[4]