SAST - Static Analysis Security Testing

 



Static Analysis Security Testing or SAST is considered as white-box testing, where the tester has knowledge and access to the underlying design and source code. The testing performed by analyzing the source code without deploy or run the application.

A lot of time, this testing is automated by using tool to perform the source code scan and analyze. The SAST tools is based on a set of rules to identify known or potential security flaw in the source code.

Performing SAST during development can find the vulnerabilities earlier, and thus can be fixed earlier and easier.

Further readings:

Comments

Popular posts from this blog

Network Manager

CCSP Domain 2 : Cloud Data Security - Part 1