0 votes
in Technology by (1.7m points)
What is SAST/Static application security testing?

1 Answer

0 votes
by (1.7m points)

Static application security testing is also known as SAST.

In SAST, software artifacts are analyzed to uncover vulnerabilities during the coding and unit testing phases.

These tools primarily scan the source code, and may also look into the binaries and configuration files.

The important aspect is that these tests can be done without running the application.

  • There is no need to make an actual operational setup.

Since static application security testing requires access to secure code, it is also known as white box testing.

The High Level Flow