Saturday, August 15, 2020
SAST - Static Analysis Security Testing
Static Analysis Security Testing or SAST is considered as white-box testing, where the tester has knowledge and access to the underlying design and source code. The testing performed by analyzing the source code without deploy or run the application.
A lot of time, this testing is automated by using tool to perform the source code scan and analyze. The SAST tools is based on a set of rules to identify known or potential security flaw in the source code.
Performing SAST during development can find the vulnerabilities earlier, and thus can be fixed earlier and easier.