What is an advantage of using dynamic application security testing (DAST) over static application security testing (SAST) methodology?
Correct Answer: B
Explanation
Dynamic application security testing (DAST) is a method of testing the security of an application by simulating attacks from an external source. DAST does not require access to the source code or binaries of the application, unlike static application security testing (SAST), which analyzes the code for vulnerabilities.
Therefore, DAST is a black box testing technique, meaning that it does not need any knowledge of the internal structure, design, or implementation of the application. DAST is also programming language agnostic, meaning that it can test applications written in any language, framework, or platform. This makes DAST more flexible and adaptable to different types of applications and environments. However, DAST also has some limitations, such as being slower, less accurate, and more dependent on the availability and configuration of the application. References:
SAST vs. DAST: What's the Difference?
SAST vs DAST: What's the Difference?
SAST vs. DAST: Enhancing application security