Application Security Testing (AST) Questions
Evgeny Belenky
IT Central Station
Jul 28 2021

Hi peers,

Which automated tools for penetration testing would you recommend to your colleagues working for enterprises? 

Please share 1-3 reasons why you like those tools.

pentesting automation
VishalDhamke: There are many automated DAST & SAST tools but from my perspective, there is no…
John Rendy: Hi Evgeny, There is one automated penetration testing tool that performs way…
Charles Race
Manager of Data Processing at New York State Insurance Fund
May 17 2021

I'm choosing an Application Security Testing platform.

My use cases are as follows:

  • SAST
  • DAST
  • Component Scanning
  • Vulnerability auditing 
  • Mitigation

What product/solution would you recommend and why? 

Thomas Ryan: The first thing you'd want to do is 1. Look at your application inventory to…
Raghavendra Rao PV: I suggest going for a Secure SDLC approach by integrating security at each level of…
VishalDhamke: SAST - Veracode, goes well with integration DAST - Either Microfocus…
Rony_Sklar
IT Central Station
Jun 01 2021

What are the different types of tools that should be used together in DevSecOps?

What are the specific tools that you like to use when working on your DevSecOps pipeline? 

What is essential, and what is a nice-to-have? 

Thomas Ryan: Everything in technology focuses on People, Process & Technology. What binds…
Jeremy Vaughan: Depends on budget and the larger approach to security, compliance, and risk…
Rama Susarla: It depends on the budget, business and technology portfolio of the enterprise…
Rony_Sklar
IT Central Station
Mar 02 2021

Many companies wonder whether SAST or DAST is better for application security testing. What are the relative benefits of each methodology? Is it possible to make use of both?

Dan Doggendorf: SAST and DAST are not mutually exclusive and should be used in conjunction with…
Oscar Van Der Meer: For application security you ideally need SAST, SCA and DAST. You need all three…
Thomas Ryan: The easiest way to remember the role of each: SCA & SAST = Am I Vulnerable…