Static Application Security Testing
Static Application Security Testing (SAST) is a security testing technique that analyzes an application's source code, bytecode, or binaries without executing the program, identifying potential vulnerabilities such as injection flaws, insecure API usage, or hardcoded secrets before the code runs.
7 resources across 1 library
Glossary Terms(7)
Security Champion
A Security Champion is a developer or team member embedded within a product or engineering team who acts as a local advocate and first point of contact for sec…
Secure SDLC
Secure SDLC (Secure Software Development Lifecycle) is the practice of integrating security activities — threat modeling, secure coding standards, security tes…
DevSecOps Pipeline
A DevSecOps pipeline is a CI/CD pipeline that integrates automated security tooling and gates — such as static analysis, dependency scanning, secrets detection…
Shift-Left Security
Shift-left security is the practice of moving security activities — such as threat modeling, code review, and automated scanning — earlier ('left') in the soft…
Static Application Security Testing (SAST)
Static Application Security Testing (SAST) is a security testing technique that analyzes an application's source code, bytecode, or binaries without executing…
Dynamic Application Security Testing (DAST)
Dynamic Application Security Testing (DAST) is a security testing technique that probes a running application from the outside — sending crafted HTTP requests…
Interactive Application Security Testing (IAST)
Interactive Application Security Testing (IAST) is a security testing technique that uses an instrumentation agent running inside a live application to observe…