One way to think of them all is SAST is security testing WITH visibility to the code, DAST is security testing WITHOUT visibility to the code and IAST combines both SAST and DAST. So SAST catches code vulnerabilities, DAST catches runtime vulnerabilities and IAST can catch both code and runtime vulnerabilities. Hope that helps and let me know if you have further questions.
@ 8:52 Was the sou chef tasting tomato soup really necessary? lol
so how DAST vs IAST differ?
One way to think of them all is SAST is security testing WITH visibility to the code, DAST is security testing WITHOUT visibility to the code and IAST combines both SAST and DAST. So SAST catches code vulnerabilities, DAST catches runtime vulnerabilities and IAST can catch both code and runtime vulnerabilities. Hope that helps and let me know if you have further questions.
Need Security frame work,api security , vulnerabilities assessments,web security ---plese
Mindset
Boo! lol!