Friday, October 1, 2010

Types of Software Security Testing

Mature software security testing combines multiple testing perspectives. Each type yields different results, since no single tool can identify the full population of issues; combined, they give a more complete picture.


Static Application Security Testing (SAST)
Scans at the source code level

Static analysis tools are useful, but not perfect. Like other forms of testing, they only check the source code against a fixed set of rules, so they quickly find common security vulnerabilities but cannot find anything no rule describes.
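To make the "set of rules" point concrete, here is a small rule-based scanner added as an illustration (it is not from the original post and is not any real SAST product). It walks the Python AST of a constructed sample module, flags three well-known dangerous call patterns by name, and shows the characteristic weakness of a purely rule-based check: a call that reaches the same function through an alias matches no rule and is silently missed. The sample source, the rule list and the function names are all constructed for this example.

```python
import ast
from typing import Callable, List, Tuple

# Constructed sample module: the kind of source a rule-based scanner is pointed at.
SAMPLE_SOURCE = '''
import subprocess, pickle

def run(cmd):
    subprocess.call(cmd, shell=True)      # matched by the shell=True rule

def load(blob):
    return pickle.loads(blob)            # matched by the pickle.loads rule

def calc(expr):
    return eval(expr)                    # matched by the eval rule

def hidden(expr):
    e = eval                             # alias: no rule names "e", so this is missed
    return e(expr)
'''


def _callee_name(call: ast.Call) -> str:
    """Dotted name of a call target ('eval', 'pickle.loads'), or '' if not a simple name."""
    func = call.func
    if isinstance(func, ast.Name):
        return func.id
    if isinstance(func, ast.Attribute) and isinstance(func.value, ast.Name):
        return f"{func.value.id}.{func.attr}"
    return ""


def _has_shell_true(call: ast.Call) -> bool:
    """True when the call passes the literal keyword argument shell=True."""
    return any(
        kw.arg == "shell" and isinstance(kw.value, ast.Constant) and kw.value.value is True
        for kw in call.keywords
    )


# Each rule: (finding description, predicate over an ast.Call node). Constructed rule set.
RULES: List[Tuple[str, Callable[[ast.Call], bool]]] = [
    ("eval() on possibly attacker-controlled input", lambda c: _callee_name(c) == "eval"),
    ("pickle.loads() deserialises arbitrary objects", lambda c: _callee_name(c) == "pickle.loads"),
    ("subprocess call with shell=True",
     lambda c: _callee_name(c).startswith("subprocess.") and _has_shell_true(c)),
]


def scan(source: str) -> List[Tuple[int, str]]:
    """Return (line number, description) for every call node that matches a rule."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Call):
            for description, predicate in RULES:
                if predicate(node):
                    findings.append((node.lineno, description))
    return sorted(findings)


if __name__ == "__main__":
    for lineno, description in scan(SAMPLE_SOURCE):
        print(f"line {lineno}: {description}")
```

Running it reports lines 5, 8 and 11 and says nothing about line 15, where `hidden()` calls `eval` through the local alias `e`. That false negative is not a bug in the scanner; it is the limit of name-based rules, and it is why tools with data-flow tracking, and the other testing perspectives described on this page, are combined rather than relied on singly.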


Binary Code Analysis
Analysis at the byte-code level

What is written in the source code is not necessarily what is executed. For example, compiler optimizations may remove lines of code that appear never to be called. Thus, static analysis of the source code will fail to detect certain vulnerabilities.
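A small demonstration of the source-versus-executed gap, added here as an example (not part of the original post): CPython's compiler folds constant arithmetic, so a function whose source contains two multiplications compiles to bytecode that performs none and simply loads the precomputed result. The same mechanism is what lets an optimizer drop operations a source-level review counted on. The sample source string and the function names are constructed for this example; the counts come from the standard `ast` and `dis` modules.

```python
import ast
import dis
from typing import Dict

# Constructed source: what a reviewer or a source-level scanner sees.
SOURCE = '''
def seconds_per_day():
    return 60 * 60 * 24
'''


def source_binary_ops(source: str) -> int:
    """Count arithmetic operations exactly as written in the source text."""
    return sum(isinstance(node, ast.BinOp) for node in ast.walk(ast.parse(source)))


def compile_function(source: str, name: str):
    """Compile the source the way CPython does and return the named function's code object."""
    namespace: dict = {}
    exec(compile(source, "<constructed>", "exec"), namespace)
    return namespace[name].__code__


def bytecode_binary_ops(code) -> int:
    """Count arithmetic instructions that survive into the bytecode.

    The opcode is BINARY_OP on Python 3.11+ and BINARY_MULTIPLY etc. on older
    versions, so match on the common prefix.
    """
    return sum(ins.opname.startswith("BINARY") for ins in dis.get_instructions(code))


def compare(source: str, name: str) -> Dict[str, object]:
    """Side-by-side view: operations in the source vs. operations in the compiled artifact."""
    code = compile_function(source, name)
    return {
        "source_binary_ops": source_binary_ops(source),
        "bytecode_binary_ops": bytecode_binary_ops(code),
        # 86400 never appears in the source; the compiler computed it.
        "folded_constant_present": 86400 in code.co_consts,
    }


if __name__ == "__main__":
    print(compare(SOURCE, "seconds_per_day"))
    dis.dis(compile_function(SOURCE, "seconds_per_day"))
```

The source reports two multiplications, the bytecode reports zero, and the literal 86400 appears only in the compiled constants. Any analysis that needs to know what the program actually does at run time has to look at the artifact that runs, which is the argument for binary or bytecode analysis alongside source scanning.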


Dynamic Application Security Testing (DAST)
Analysis at run-time, simulates production usage

Analyzes an application in its running state to help automate basic penetration testing. Essentially, it traverses the application and simulates what attackers may do.
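The traverse-and-probe loop in miniature, added as an example that is not from the original post and is not any real DAST tool: a constructed WSGI application serves an index page linking to a `/greet` page that echoes a `name` parameter back into HTML. The probe discovers the link and its parameter from the running application (no source access), sends a marker containing characters that must be encoded in HTML, and reports the parameter if the marker comes back unchanged. The same application built with output encoding produces no finding. Everything here, including the app, the marker and the function names, is constructed for this example; the only library calls are from the standard `wsgiref`, `urllib.parse`, `html` and `re` modules.

```python
import html
import re
from typing import Callable, List, Tuple
from urllib.parse import parse_qs, urlencode, urlsplit
from wsgiref.util import setup_testing_defaults

# Constructed probe value: contains the four characters HTML output encoding must neutralise.
MARKER = "dastprobe<'\">"


def make_app(escape_output: bool) -> Callable:
    """Constructed WSGI app: '/' links to '/greet', which reflects the 'name' parameter."""
    def app(environ, start_response):
        path = environ.get("PATH_INFO", "/")
        params = parse_qs(environ.get("QUERY_STRING", ""))
        if path == "/":
            body = '<a href="/greet?name=guest">greet</a> <a href="/about">about</a>'
        elif path == "/greet":
            name = params.get("name", ["guest"])[0]
            if escape_output:                       # hardened variant
                name = html.escape(name, quote=True)
            body = f"<p>Hello {name}</p>"           # vulnerable variant reflects raw input
        elif path == "/about":
            body = "<p>About this site</p>"
        else:
            start_response("404 Not Found", [("Content-Type", "text/html; charset=utf-8")])
            return [b"not found"]
        start_response("200 OK", [("Content-Type", "text/html; charset=utf-8")])
        return [body.encode("utf-8")]
    return app


def get(app, path: str, query: str = "") -> Tuple[str, str]:
    """Issue one in-process GET request and return (status line, decoded body)."""
    environ: dict = {}
    setup_testing_defaults(environ)
    environ["PATH_INFO"] = path
    environ["QUERY_STRING"] = query
    captured: dict = {}

    def start_response(status, headers, exc_info=None):
        captured["status"] = status

    body = b"".join(app(environ, start_response))
    return captured["status"], body.decode("utf-8")


def crawl(app, start: str = "/") -> List[Tuple[str, str]]:
    """Traverse: collect (path, parameter) pairs from the links on the start page."""
    _, body = get(app, start)
    targets = []
    for href in re.findall(r'href="([^"]+)"', body):
        parts = urlsplit(href)
        for param in parse_qs(parts.query):
            targets.append((parts.path, param))
    return targets


def scan(app) -> List[Tuple[str, str]]:
    """Probe every discovered parameter; report those that reflect the marker unencoded."""
    findings = []
    for path, param in crawl(app):
        _, body = get(app, path, urlencode({param: MARKER}))
        if MARKER in body:
            findings.append((path, param))
    return findings


if __name__ == "__main__":
    print("vulnerable:", scan(make_app(escape_output=False)))
    print("hardened:  ", scan(make_app(escape_output=True)))
```

Against the unescaped app the scan reports `('/greet', 'name')`; against the escaped one it reports nothing, because `html.escape` turns the marker's `<`, `>`, `'` and `"` into entity references. A real scanner adds authentication handling, form submission, many more payload classes and response analysis, but the shape is the same: discover surface by traversal, exercise it the way an attacker would, and judge the response.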

Example tools: