Technical

Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST)

SAST and DAST are two types of application security testing methods used to detect vulnerabilities in software applications.

SAST, or Static Application Security Testing, is a method that analyzes application code without executing it, looking for potential vulnerabilities and security flaws.

DAST, or Dynamic Application Security Testing, involves running the application and simulating attacks to identify vulnerabilities that could be exploited by attackers.

Both SAST and DAST are essential components of a comprehensive application security strategy, providing different perspectives on the security of an application.

Learn More

Discover how Matproof can help you achieve Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) compliance.

View framework page

Static compliance by city

FrankfurtMunichBerlinHamburgDüsseldorfStuttgartCologneParisAmsterdamMadridMilan

Related Terms

Vulnerability Management

The continuous process of identifying, classifying, prioritizing, remediating, and mitigating software vulnerabilities. Effective vulnerability management is a key requirement of DORA, ISO 27001, and SOC 2 to maintain system security and operational resilience.

Code Review

The process of examining and evaluating a software program's source code by peers, with the aim of identifying and fixing errors, vulnerabilities, and improving code quality.

Related Articles

7 Most Common ISO 27001 Audit Findings and How to Fix Them

The 7 most common ISO 27001 audit findings and practical remediation guidance. Avoid these mistakes to ensure a smooth certification audit and maintain your ISM

How to Map ISO 27001 Controls to DORA Requirements

Practical guide to mapping ISO 27001:2022 Annex A controls to DORA requirements. Identify overlaps, gaps, and how to leverage your existing ISMS for DORA compli

How to Prepare for ISO 27001 Certification

Complete preparation guide for ISO 27001 certification. Covers ISMS scope, risk assessment, Annex A controls, internal audit, management review, and Stage 1/Sta

ISO 27001 Certification in Germany: TUV and Accredited Bodies

Guide to ISO 27001 certification in Germany. Overview of accredited certification bodies including TUV, the certification process, costs, and preparation tips f

Automate compliance with Matproof

DORA, SOC 2, ISO 27001 — get audit-ready in weeks, not months.

Request a demo