Appknox Static Application Security Testing
What is DAST ?
A Dynamic Application Security Testing (DAST) analysis is generally specifically designed to detect conditions indicative of a security vulnerability in an application while in its running state. One of the most common and classic methods of hacking used by hackers is the Man in the Middle Attack (MiTM).
The Appknox DAST is a fully automated simulation of real-time interactions between users (your team) and our physical Android and iOS devices accessed by you via our cloud-based infrastructure. Our system analyzes, detects and catches loopholes that are threatening in nature and helps businesses plug and secure them from runtime and network attacks like MiTM.
Difference between SAST & DAST
Unlike the SAST analysis, Appknox DAST works by running your uploaded application binary on our cloud-hosted devices. Your app is simply uploaded and put in a test environment where actual attacks are carried out during this simulation to detect advanced vulnerabilities.
The Appknox DAST runs on the same platform as the Appknox SAST, giving businesses the option to scan their apps individually or together by both analysis, for an integrated view of all threats detected.
How Appknox API Scan works?
To initiate API Scan, all you need is endpoints (domain) of your server. Once you enter that, our scanner attempts to break into your server to discover vulnerabilities. There are 50+ test cases categorized into 9 distinct groups that are continuously tested. Our system analyzes, detects and catches loopholes that are threatening in nature and helps businesses plug and secure them from any attack on the outside. One can enter multiple endpoints and scan at one go.
How Appknox DAST works?
1. After you initiate a dynamic scan on your dashboard, your app is installed onto one of our devices.
2. Your team acts as a user and performs actions like a user would. Our system simultaneously performs several attacks while your app is interacting with our device.
3. Generate a detailed report from the Appknox dashboard and request a remediation call to fix vulnerabilities detected (optional).