Difference between revisions of "Application Security Testing (AST)"
Jump to navigation
Jump to search
| Line 32: | Line 32: | ||
* [[Software Composition Analysis (SCA)]] | * [[Software Composition Analysis (SCA)]] | ||
* [[ASLR]], PIE, and NX | * [[ASLR]], PIE, and NX | ||
| + | * [[Gartner]] [[Application Security Testing (AST)]] [[MQ]] | ||
== See also == | == See also == | ||
Revision as of 09:09, 9 August 2021
This article is a Draft. Help us to complete it.
wikipedia:Application Security Testing
- Static Application Security Testing (SAST)
- Dynamic Application Security Testing (DAST)
- Interactive Application Security Testing (IAST), for example, instrumenting the Java Virtual Machine (JVM) or .NET CLR. For example: Seeker (Synopsys)
- Synopsys: Coverity (2002) No DAST on-premises product
- Veracode: AST tools, only AST as a service.
- Micro Focus: Fortify WebInspect. As a product, as well as in the cloud.
- Checkmarx
- WhiteHat Security
- Qualys: glibc
- Rapid7
- CAST
- Contrast Security
- Acunetix
- Positive Technologies
- SiteLock
- Trustwave
- SonarQube 2006-2007
Other vendors: edgescan, Fasoo, GitLab, GrammaTech, ImmuniWeb, Kiuwan, Netsparker, NSFOCUS, N-Stalker, Onapsis (Virtual Forge), PortSwigger, Positive Technologies, SiteLock, SonarQube, Trustwave and Wallarm
Other applications: kubesec, flawfinder
Related terms
See also
- RASP
- DAST, SQL injection, Denial-of-service attack (DoS attack), Buffer overflow
- Application Security Testing (SAST, DAST, IAST): Fortify WebInspect, GitLab Ultimate, flawfinder, Kubesec, Coverity, SonarQube, SCA, Checkmarx
- Research and analisys, Market Intelligence: Gartner, Gartner Magic Quadrant, Gartner hype cycle, Gartner Market Guide, Forrester: Forrester Wave, IDC, 451 Research, CB Insights, G2 Crowd, SIEM Magic Quadrant, Privileged Access Management, Nielsen, 451 Group (451 research), Gartner Cool Vendors in Cloud Computing, Capterra
Advertising:
