September 2018
Intermediate to advanced
412 pages
11h 12m
English
book
Industrial Internet Application Development
by Alena Traukina, Jayant Thomas, Prashant Tyagi, Veera Kishore Reddipalli
Content preview from Industrial Internet Application Development
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Dynamic analysis security testing (DAST)
Dynamic code analysis is performed on deployed and running software. The purpose is to hammer the endpoint to identify various security issues during the development cycle. These tools should also be part of the daily run and should be integrated with the CI/CD pipeline. DAST testing is also known as black box testing, since it looks at the API endpoints for vulnerabilities.
DAST tests typically look for a broad range of vulnerabilities, including input/output validation issues that could leave an application vulnerable to cross-site scripting or SQL injection. A DAST test can also help spot configuration mistakes and errors, and identify other specific problems with applications. A DAST test should ...