From the course: ISC2 Certified Cloud Security Professional (CCSP) Cert Prep

Unlock this course with a free trial

Join today to access over 25,300 courses taught by industry experts.

Application testing

Application testing

From the course: ISC2 Certified Cloud Security Professional (CCSP) Cert Prep

Start my 1-month free trial Buy for my team

Application testing

- [Instructor] Welcome to this lesson on application testing. In this lesson, we have four objectives. The first one is talking about application testing types. Then we'll talk about some key terms, which are code review and manual testing, followed by software composition analysis, and then finally, some quality assurance. Jumping into it, we have application testing types, and the three main types here are going to be SAST, DAST, and a combination of the two, which is IAST. Application testing in general is important for identifying and mitigating security vulnerabilities in software development. Starting with SAST, this stands for static application security testing, and as the name probably implies, this is for an analysis of static source code for security vulnerabilities. And this just means that we're looking at the raw code of the application in an environment where it's not actively running. Converse to that, we have DAST, which is dynamic application security testing, and…

Contents