DAST - Dynamic Application Security Testing Home Cybersecurity Dictionary DAST - Dynamic Application Security Testing DAST is a security solution used to uncover vulnerabilities in software during its running state, including when it is actually deployed in production. It is a black box testing methodology where software is tested from the outside-in and attacked just as it would be by a true threat actor and simulates attacks against the application (typically web-enabled applications and services) and analyzes the application's response to determine if it is vulnerable. Minimal user interactions are required for these scans (once configured with host name, crawling parameters and authentication credentials). Unlike Static Application Security Testing tools (SAST), DAST tools do not have access to source code. DAST tools are either open source, free or commercially available, are specifically designed to find security vulnerabilities and are sometimes required to comply with various regulatory requirements. Related TermsDevOpsDevSecOpsSDLC - Software Development LifecycleSAST - Static Application Security TestingIAST - Interactive Application Security TestingShift Left Share: Seeking Clarity? View the Cybersecurity Dictionary for top terms searched by your peers. Back to the Dictionary RELATED INSIGHTS BLOG June 07, 2018 Quick Tips for Building an Effective AppSec Program – Part 3 This is the last post in my series on creating an effective AppSec program within your organization. In my last post, we discussed the importance of t... See Details Read more about Quick Tips for Building an Effective AppSec Program – Part 3 DOWNLOAD May 02, 2018 Implement an Effective AppSec Program Learn about Optiv's top ten tips for implementing an effective AppSec program. See Details Read more about Implement an Effective AppSec Program How Can We Help? Let us know what you need, and we will have an Optiv professional contact you shortly.