Revision as of 12:28, 15 March 2024 edit Apekshya Purohit (talk \| contribs) 8 edits mNo edit summary ← Previous edit		Revision as of 06:19, 23 September 2024 edit undo Muxon (talk \| contribs) 9 edits Tagged an unclear statement Tag: Visual edit Next edit →
Line 1: {{Short description\|Software securing application}} '''Static application security testing''' ('''SAST''') is used to secure software by reviewing the source code of the software to identify sources of vulnerabilities. Although the process of [[Static program analysis\|statically analyzing the source code]] has existed as long as computers have existed{{Clarify\|reason=Early computers existed before source code, this is too vague.\|date=September 2024}}, the technique spread to security in the late 90s and the first public discussion of [[SQL injection]] in 1998 when Web applications integrated new technologies like [[JavaScript]] and [[Adobe Flash Player\|Flash]]. Unlike [[dynamic application security testing]] (DAST) tools for [[black-box testing]] of application functionality, SAST tools focus on the code content of the application, [[white-box testing]].

Static application security testing: Difference between revisions