Dan On Dev (E002): Why All SAST Products Suck
In this episode we explore the weaknesses and strengths of SAST (Static Application Security Testing) products. Understanding how the tools work and their challenges will help you pick the right tool for the job.
Throughout this series we cover the following categories of products:
- SAST: Static Application Security Testing
- DAST: Dynamic Application Security Testing
- IAST: Interactive Application Security Testing
- SCA: Software Composition Analysis
- WAF: Web Application Firewall
- RASP: Runtime Application Self-Protection (NextGen WAF)
- Manual Pen Testing