Online Courses
Security in the Pipeline

Conclusion

In this room, we have covered the basics of how DAST works and introduced ZAP proxy as a tool that can perform DAST both manually and in an automated way. DAST is only one of many ways to check applications for vulnerabilities and should be used in tandem with other types of testing, such as SAST, SCA and penetration tests, to guarantee a reasonable security level for our applications. As with any other technique, DAST won't be a silver bullet, but it will contribute to an application's overall security throughout the software development lifecycle.


Last updated 8 months ago