Difference between revisions of "Application Security Testing (AST)"
Jump to navigation
Jump to search
Tags: Mobile web edit, Mobile edit |
|||
| (8 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
{{Draft}} | {{Draft}} | ||
| + | [[wikipedia:Application Security Testing]] | ||
| Line 7: | Line 8: | ||
| − | * [[Synopsys]]: [[ | + | * [[Synopsys]]: [[Coverity]] ([[2002]]) No [[DAST]] on-premises product |
* [[Veracode]]: AST tools, only AST as a service. | * [[Veracode]]: AST tools, only AST as a service. | ||
* [[Micro Focus]]: [[Fortify WebInspect]]. As a product, as well as in the cloud. | * [[Micro Focus]]: [[Fortify WebInspect]]. As a product, as well as in the cloud. | ||
| Line 30: | Line 31: | ||
== Related terms == | == Related terms == | ||
* [[Software Composition Analysis (SCA)]] | * [[Software Composition Analysis (SCA)]] | ||
| − | * ASLR, PIE, and NX | + | * [[ASLR]], PIE, and NX |
| + | * [[Gartner]] [[Application Security Testing (AST)]] [[MQ]] | ||
| + | * [[Threat detection]] | ||
| + | * [[Cloud security]] | ||
== See also == | == See also == | ||
* [[RASP]] | * [[RASP]] | ||
| + | * {{DAST}} | ||
* {{AST}} | * {{AST}} | ||
* {{Gartner}} | * {{Gartner}} | ||
| − | |||
[[Category:Security]] | [[Category:Security]] | ||
Latest revision as of 22:19, 22 February 2022
This article is a Draft. Help us to complete it.
wikipedia:Application Security Testing
- Static Application Security Testing (SAST)
- Dynamic Application Security Testing (DAST)
- Interactive Application Security Testing (IAST), for example, instrumenting the Java Virtual Machine (JVM) or .NET CLR. For example: Seeker (Synopsys)
- Synopsys: Coverity (2002) No DAST on-premises product
- Veracode: AST tools, only AST as a service.
- Micro Focus: Fortify WebInspect. As a product, as well as in the cloud.
- Checkmarx
- WhiteHat Security
- Qualys: glibc
- Rapid7
- CAST
- Contrast Security
- Acunetix
- Positive Technologies
- SiteLock
- Trustwave
- SonarQube 2006-2007
Other vendors: edgescan, Fasoo, GitLab, GrammaTech, ImmuniWeb, Kiuwan, Netsparker, NSFOCUS, N-Stalker, Onapsis (Virtual Forge), PortSwigger, Positive Technologies, SiteLock, SonarQube, Trustwave and Wallarm
Other applications: kubesec, flawfinder
Related terms[edit]
- Software Composition Analysis (SCA)
- ASLR, PIE, and NX
- Gartner Application Security Testing (AST) MQ
- Threat detection
- Cloud security
See also[edit]
- RASP
- DAST, SQL injection, Denial-of-service attack (DoS attack), Buffer overflow
- Application Security Testing (SAST, DAST, IAST): Fortify WebInspect, GitLab Ultimate, flawfinder, Kubesec, Coverity, SonarQube, SCA, Checkmarx
- Research and analisys, Market Intelligence: Gartner, Gartner Magic Quadrant, Gartner hype cycle, Gartner Market Guide, Forrester: Forrester Wave, IDC, 451 Research, CB Insights, G2 Crowd, SIEM Magic Quadrant, Privileged Access Management, Nielsen, 451 Group (451 research), Gartner Cool Vendors in Cloud Computing, Capterra
Advertising:
