Jump to content

Interactive application security testing

Edit links
From Wikipedia, the free encyclopedia
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Interactive application security testing (abbreviated as IAST)[1] is a security testing method that detects software vulnerabilities by interaction with the program coupled with observation and sensors.[2][3] The tool was launched by several application security companies.[4] It is distinct from static application security testing, which does not interact with the program, and dynamic application security testing, which considers the program as a black box. It may be considered a mix of both.[5]

References

  1. ^ Mike Chapple; James Michael Stewart; Darril Gibson (2021). (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide. John Wiley & Sons. ISBN 978-1-119-78624-5.
  2. ^ "OWASP DevSecOps Guideline - v-0.2 | OWASP Foundation". Owasp.org.
  3. ^ "What is IAST: Interactive Application Security Testing". www.softwaretestinghelp.com.
  4. ^ Tanya Janca (2020). Alice and Bob Learn Application Security. John Wiley & Sons. pp. 140–. ISBN 978-1-119-68735-1.
  5. ^ Aaron Walker (August 14, 2019). "SAST vs. DAST: Application Security Testing Explained". www.g2.com. Archived from the original on 2022-07-20.


Stub icon

This computer security article is a stub. You can help Wikipedia by expanding it.

Retrieved from "https://en.wikipedia.org/w/index.php?title=Interactive_application_security_testing&oldid=1277260897"