Application Security Testing
Application Security Testing (AST) is a comprehensive process of identifying the security loopholes and shortcomings of an application which it may encounter in regular functioning or may be exploited by a hacker.
AST was carried out in a manual way on its inception. However, with the increasing complexities of applications and a variety of functions being integrated, manual testing is extremely time-consuming. With AST now fully automated, most organizations use a combination of several application security tools.
There are 5 different stages to Application Development through which different types of ASTs must be carried out regularly to keep security in check.
- Acceptance Stage
- Pre-Production Stage
- Production Stage
The very basic methods of AST are:
Static Application Security Testing (SAST)
Dynamic Application Security Testing (DAST)
Interactive Application Security Testing (IAST)