WHAT IS DYNAMIC APPLICATION SECURITY TESTING?
Dynamic application security testing (DAST) is a black-box test, working from the outside in, designed to detect security vulnerabilities in an application’s running state. DAST is good at finding externally visible vulnerabilities in the interfaces of web applications, and makes it easy to confirm by providing URLs. The downside of DAST is its heavy reliance on experts to write tests, making it difficult to scale.
DAST security requires dynamic application security testing tools that automate security tests for a variety of real-world threats. DAST can tests for exposed HTTP and HTML interfaces of web-enabled applications. More advanced solutions are designed specifically to check things such as remote procedure calls, Session Initiation Protocol (SIP), etc.). There are similarities between DAST tools and other application security solutions, but most other technologies perform internal tests and code analysis rather than focusing on black-box testing.