Comparison of Application Security Testing Approaches

ID RIPSTECH:4B89848823127546C7995738D18E77B9
Type ripstech
Reporter RIPS Technologies Blog
Modified 2018-07-31T11:00:00


Overview

The following table lists a side-by-side comparison of different application security testing approaches. In the following, each approach is introduced.

Category and approach (table columns, left to right):

  Automated Security Testing
    Static Application Security Testing (SAST) / Static Code Analysis
      Taint Analysis
        Language Specific (RIPS)
        Language Generic
      Pattern Matching
    Interactive Application Security Testing (IAST)
    Dynamic Application Security Testing (DAST) / Blackbox Tools
  Manual Security Testing
    Whitebox / Code Audit
    Blackbox / Pentest

Development Phase (in column order): Coding, Coding, Coding, Testing, Deploy, Testing, Deploy

Rated criteria (table rows):

  Code Coverage
  Analysis Speed
  Detect Complex Issues
  Detect Logical Flaws
  Result Accuracy
  Remediation Details
  Initial Costs
  Setup Costs
  Verification Costs
  Remediation Costs