SAST vs DAST

Static Application Security Testing (SAST) vs Dynamic Application Security Testing (DAST)
Written by Victor Pisarciuc
Updated 3 years ago

Static Application Security Testing (SAST), also known as white-box security testing, is used to analyze the code before it’s compiled for security issues. This helps the developers with feedback in order to prevent a vulnerable release. This isn’t in the scope of Pentest-Tools.com.

Dynamic Application Security Testing (DAST), also known as black-box security testing, is used to analyze the code and find vulnerabilities from inside out, by executing the application. You can use our Website Scanner in this case.

Both SAST and DAST are needed for comprehensive security testing. 

Learn more about performing a vulnerability assessment with Pentest-Tools.com from our How to do a Full Website Vulnerability Assessment with Pentest-Tools.com article. 

Did this answer your question?