KodeKloud Notes

Dynamic Application Security Testing (DAST) simulates real-world attacks against a running application to uncover security flaws that only appear in a live environment. Unlike Static Application Security Testing (SAST), DAST has no access to source code—it interacts with the application’s interfaces (e.g., HTTP endpoints) to discover vulnerabilities.

What Is Dynamic Application Security Testing (DAST)?

DAST evaluates an application from the outside in, detecting issues that might be missed when scanning code alone.

Note

DAST is best suited for QA or pre-production environments. Running DAST in production can reveal critical flaws—but must be done with caution to avoid service disruptions.

Key characteristics:

Executed against a live, deployed application
No access to source code or binaries
Ideal for catching misconfiguration and runtime issues
Focuses on externally visible vulnerabilities

Common Vulnerabilities Detected by DAST

DAST tools target many OWASP Top 10 risks. The table below shows typical findings:

Vulnerability	Description	OWASP Category
Cross-Site Scripting	Injection of malicious scripts into client pages	A03:2021 – XSS
SQL Injection	Malicious SQL statements altering database queries	A03:2021 – Injection
Command Injection	Execution of system commands via user inputs	A05:2021 – Security Misconfigurations
Insecure Configurations	Weak server settings, default credentials, etc.	A05:2021 – Security Misconfigurations

Pros and Cons of DAST

Advantages

Advantage	Details
Technology Independence	Works across languages and frameworks—no code parsing required.
Low False-Positive Rate	According to the OWASP Benchmark Project, DAST tools report fewer false positives.
Configuration Issue Discovery	Exposes runtime misconfigurations that static analysis might overlook.

Limitations

Limitation	Details
Limited Scalability	Requires expert-crafted test cases; difficult to automate fully at scale.
No Code Visibility	Cannot pinpoint the exact line in source code where a flaw originates.
Performance Overhead	Scans can take hours or days, delaying feedback and increasing remediation costs.

The image is an informational graphic about DAST (Dynamic Application Security Testing), highlighting its features, advantages, and limitations in identifying security vulnerabilities in applications. It contrasts DAST with SAST (Static Application Security Testing) and lists specific vulnerabilities DAST can detect, such as cross-site scripting and SQL injection.

DAST vs. SAST

Comparing Static vs. Dynamic analysis:

Aspect	SAST	DAST
Analysis Type	Static source-code scanning	Runtime interaction with a live application
Visibility	Pinpoints issues to specific code lines	Identifies externally visible flaws only
False-Positive Rate	Can generate more false positives without context	Generally lower when properly configured
Use Case	Early in SDLC, developer feedback	QA, pre-production, and (with caution) production

Warning

Running DAST against production workloads can impact performance. Schedule scans during low-traffic windows and ensure proper monitoring.

Next Steps

In the following lesson, we’ll use OWASP ZAP to perform a dynamic scan on an application deployed in a Kubernetes cluster. You'll learn how to:

Configure OWASP ZAP for automated scanning
Interpret scan reports to prioritize fixes
Integrate DAST into a CI/CD pipeline

Links and References

Watch Video

Watch video content