# Application Security Testing

SAST, DAST, IAST, SCA, and security testing methodologies.

## Overview

Security testing identifies vulnerabilities in applications, both in the code a team writes and in the third-party components it depends on.
## Testing Types

| Type | When | Method |
|---|---|---|
| SAST | Development | White-box (analyses source code without running it) |
| DAST | Testing | Black-box (probes the running application from outside) |
| IAST | Runtime | Gray-box (agent inside the running application observes real requests) |
| SCA | Dependencies | Component analysis (matches third-party packages against known advisories) |
## SAST (Static Analysis)

```bash
# Bandit - Python SAST: scan the source tree recursively
bandit -r ./src
```

ESLint security rules (JavaScript), in an `.eslintrc`-style config (`recommended-legacy` is the plugin's name for its eslintrc-format config):

```json
{
  "extends": ["plugin:security/recommended-legacy"]
}
```
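To make the white-box idea concrete, here is a minimal static analyser in the spirit of Bandit. It is an added example, not Bandit's code: it parses Python source with the standard-library `ast` module and flags three patterns (calls to `eval`/`exec`, `subprocess` calls with `shell=True`, and string literals assigned to password- or token-like names). The rule names and the sample source are constructed for the example.

```python
import ast
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    line: int
    rule: str      # rule names are this example's own, not Bandit test IDs
    message: str


DANGEROUS_CALLS = {"eval", "exec"}
SUBPROCESS_CALLS = {"subprocess.run", "subprocess.Popen", "subprocess.call",
                    "subprocess.check_output", "subprocess.check_call"}
SECRET_WORDS = ("password", "passwd", "secret", "token", "api_key")


def _call_name(node: ast.Call) -> str:
    """Dotted name of the callee, e.g. 'subprocess.run' or 'eval'."""
    parts = []
    func = node.func
    while isinstance(func, ast.Attribute):
        parts.append(func.attr)
        func = func.value
    if isinstance(func, ast.Name):
        parts.append(func.id)
    return ".".join(reversed(parts))


def _keyword_is_true(node: ast.Call, name: str) -> bool:
    """True if the call passes `name=True` as a literal keyword argument."""
    return any(
        kw.arg == name and isinstance(kw.value, ast.Constant) and kw.value.value is True
        for kw in node.keywords
    )


def scan_source(source: str) -> list:
    """Walk the AST once and collect findings, ordered by line number."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Call):
            name = _call_name(node)
            if name in DANGEROUS_CALLS:
                findings.append(Finding(node.lineno, "dangerous-call",
                                        f"{name}() executes arbitrary code"))
            elif name in SUBPROCESS_CALLS and _keyword_is_true(node, "shell"):
                findings.append(Finding(node.lineno, "shell-true",
                                        f"{name}(shell=True) is prone to command injection"))
        elif isinstance(node, ast.Assign):
            value = node.value
            # Only non-empty string literals count as a hardcoded secret.
            if not (isinstance(value, ast.Constant) and isinstance(value.value, str) and value.value):
                continue
            for target in node.targets:
                if isinstance(target, ast.Name) and any(w in target.id.lower() for w in SECRET_WORDS):
                    findings.append(Finding(node.lineno, "hardcoded-secret",
                                            f"{target.id} is assigned a string literal"))
    return sorted(findings, key=lambda f: f.line)


# Constructed sample input: one finding of each kind plus a safe subprocess call.
SAMPLE_SOURCE = """\
import subprocess
DB_PASSWORD = "hunter2"
def run(cmd):
    return subprocess.run(cmd, shell=True)
def calc(expr):
    return eval(expr)
def safe(args):
    return subprocess.run(args, shell=False)
"""

if __name__ == "__main__":
    for finding in scan_source(SAMPLE_SOURCE):
        print(f"line {finding.line}: [{finding.rule}] {finding.message}")
```

Because the check works on the syntax tree rather than on text, `x = eval` (a reference) produces no finding while `eval(expr)` (a call) does; real SAST tools add data-flow analysis on top of this so that `shell=True` with a constant command is ranked lower than one built from user input.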
## DAST (Dynamic Analysis)

```bash
# OWASP ZAP quick scan: all scanners, recursive
zap-cli quick-scan -s all -r https://target.com
# Nikto web server scan
nikto -h https://target.com
```

## IAST (Interactive Analysis)

```bash
# Contrast Security Java agent: attached to the JVM of the app under test,
# configured via contrast_security.yaml; the agent reports on the requests
# it observes, so the app must then be exercised (manual testing or a DAST scan)
java -javaagent:/path/to/contrast.jar -jar myapp.jar
```
## SCA (Software Composition Analysis)

```bash
# Snyk: test the manifest/lockfile in the current directory
snyk test
# OWASP Dependency-Check
dependency-check --project "My Project" --scan ./src
```
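The matching step every SCA tool performs is simple to show in code. The following is an added example, not Snyk's or Dependency-Check's code: it reads a pinned `requirements.txt`, compares each version against advisories expressed as OSV-style `introduced`/`fixed` ranges, and reports the hits. The package names, advisory ids and versions are constructed for the example and describe no real vulnerability.

```python
import re
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Advisory:
    """One affected version range in the OSV-style introduced/fixed shape."""
    id: str
    package: str
    introduced: str         # first affected version (inclusive)
    fixed: Optional[str]    # first fixed version (exclusive); None = no fix yet


def parse_version(version: str) -> tuple:
    """Dotted numeric version -> comparable tuple padded to three parts.
    Pre-release/post-release suffixes such as 'rc1' are ignored here."""
    parts = []
    for piece in version.split("."):
        match = re.match(r"\d+", piece)
        parts.append(int(match.group()) if match else 0)
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts)


def parse_requirements(text: str) -> dict:
    """requirements.txt -> {name: version}. Only exact pins are accepted:
    a range like 'pkg>=2.0' cannot be matched against an advisory, which is
    why SCA is run against a lockfile."""
    pins = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        if "==" not in line:
            raise ValueError(f"unpinned requirement, use a lockfile: {line}")
        name, version = line.split("==", 1)
        name = name.split("[", 1)[0]          # drop extras such as pkg[security]
        pins[name.strip().lower()] = version.strip()
    return pins


def is_affected(version: str, advisory: Advisory) -> bool:
    v = parse_version(version)
    if v < parse_version(advisory.introduced):
        return False
    if advisory.fixed is not None and v >= parse_version(advisory.fixed):
        return False
    return True


def scan_requirements(text: str, advisories: list) -> list:
    """(package, pinned version, advisory id, fixed version) for each pinned
    dependency inside an advisory's affected range, sorted for stable output."""
    pins = parse_requirements(text)
    hits = []
    for adv in advisories:
        pinned = pins.get(adv.package.lower())
        if pinned is not None and is_affected(pinned, adv):
            hits.append((adv.package, pinned, adv.id, adv.fixed))
    return sorted(hits, key=lambda h: (h[0], h[2]))


# Constructed advisory data and requirements file (not real packages or CVEs).
ADVISORIES = [
    Advisory("ADV-EXAMPLE-1", "examplelib", "1.0.0", "1.4.2"),
    Advisory("ADV-EXAMPLE-2", "fakehttp", "2.0.0", None),
    Advisory("ADV-EXAMPLE-3", "othertool", "0.5.0", "0.9.0"),
]

REQUIREMENTS = """\
# constructed requirements.txt
examplelib==1.4.1
fakehttp==2.3.0
othertool==0.9.0   # exactly the fixed version, so not affected
safepkg==3.1.0
"""

if __name__ == "__main__":
    for package, pinned, adv_id, fixed in scan_requirements(REQUIREMENTS, ADVISORIES):
        remedy = f"upgrade to {fixed}" if fixed else "no fixed version yet"
        print(f"{package}=={pinned}: {adv_id} ({remedy})")
```

The boundary case is the one worth a test: `othertool==0.9.0` sits exactly at the `fixed` version and is therefore clean, while `0.8.9` would be flagged. Real tools also identify components without a manifest (vendored code, container layers) and report severity so that a CI gate can fail only above a threshold.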
## Testing Tools

| Tool | Type | Cost |
|---|---|---|
| SonarQube | SAST | Free/Pro |
| OWASP ZAP | DAST | Free |
| Burp Suite | DAST | Free/Pro |
## Security Test Cases

Pytest-style tests against the application's test client. `client` is assumed to be a fixture (defined in `conftest.py`) returning a client such as Flask's `app.test_client()`, whose `response.data` is bytes.

```python
# SQL injection test: a non-numeric id must be rejected before it reaches a query
def test_sql_injection(client):
    response = client.get("/users?id=1' OR '1'='1")
    assert response.status_code == 400

# XSS test: the raw tag must not be reflected (compare bytes with bytes)
def test_xss(client):
    response = client.get("/search?q=<script>alert(1)</script>")
    assert b"<script>" not in response.data

# Authentication test: /admin without credentials must be refused
def test_unauthorized_access(client):
    response = client.get("/admin")
    assert response.status_code == 401
```
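The tests above only make sense next to an application that can pass or fail them. The following added example (not from the original page or any framework) builds a tiny in-memory app with an in-process test client, in two variants: `hardened=False` keeps the three classic flaws the tests target, `hardened=True` applies the usual fixes (validate-then-bind for the id, `html.escape` for reflected input, a bearer token check on `/admin`). The same three checks from the page then run against both, so the tests can be seen failing on the flawed app and passing on the fixed one. The route layout, the `Client` class and the token value are constructed for the example.

```python
import html
import sqlite3
from dataclasses import dataclass
from urllib.parse import parse_qs, urlsplit


@dataclass(frozen=True)
class Response:
    status_code: int
    data: bytes    # body as bytes, the same shape a Flask test client returns


class Client:
    """Minimal stand-in for a framework test client: GET only, in-process."""

    def __init__(self, app):
        self.app = app

    def get(self, path, headers=None) -> Response:
        return self.app(path, headers or {})


ADMIN_TOKEN = "test-token"   # constructed credential for the example only


def make_app(hardened: bool):
    """Build an in-memory app. hardened=False keeps the flaws; hardened=True fixes them."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)", [(1, "alice"), (2, "bob")])

    def app(path: str, headers: dict) -> Response:
        url = urlsplit(path)
        query = parse_qs(url.query)
        if url.path == "/users":
            user_id = query.get("id", [""])[0]
            if hardened:
                # Validate, then bind: the value never becomes SQL text.
                if not user_id.isdigit():
                    return Response(400, b"invalid id")
                sql, params = "SELECT name FROM users WHERE id = ?", (int(user_id),)
            else:
                # String interpolation: the quote in the payload closes the literal.
                sql, params = f"SELECT name FROM users WHERE id = '{user_id}'", ()
            try:
                rows = db.execute(sql, params).fetchall()
            except sqlite3.Error:
                return Response(500, b"database error")
            return Response(200, ",".join(r[0] for r in rows).encode())
        if url.path == "/search":
            term = query.get("q", [""])[0]
            shown = html.escape(term) if hardened else term   # escape reflected input
            return Response(200, f"<p>Results for {shown}</p>".encode())
        if url.path == "/admin":
            if hardened and headers.get("Authorization") != f"Bearer {ADMIN_TOKEN}":
                return Response(401, b"unauthorized")
            return Response(200, b"admin panel")
        return Response(404, b"not found")

    return app


# The three checks from the page, as functions over a client (True = test passes).
def check_sql_injection(client: Client) -> bool:
    response = client.get("/users?id=1' OR '1'='1")
    return response.status_code == 400


def check_xss(client: Client) -> bool:
    response = client.get("/search?q=<script>alert(1)</script>")
    return b"<script>" not in response.data


def check_unauthorized_access(client: Client) -> bool:
    response = client.get("/admin")
    return response.status_code == 401


def run_security_checks(app) -> dict:
    """Run every check against one app and report pass/fail per check."""
    client = Client(app)
    return {
        "sql_injection": check_sql_injection(client),
        "xss": check_xss(client),
        "unauthorized_access": check_unauthorized_access(client),
    }


if __name__ == "__main__":
    for label, flag in (("vulnerable", False), ("hardened", True)):
        print(label, run_security_checks(make_app(hardened=flag)))
```

Note what the SQL check actually asserts: not that the query failed, but that malformed input was rejected up front with a 400. On the flawed variant the payload returns both users with a 200, which is exactly the regression this test exists to catch.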
## CI/CD Integration

```yaml
# GitHub Actions step (inside a job's `steps:` list).
# The Snyk actions live in per-language subdirectories, so pick the one
# matching the project (python, node, golang, ...).
- name: Security Scan
  uses: snyk/actions/python@master
  env:
    SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
  with:
    command: test
    args: --severity-threshold=high
```
## Practice

Set up automated security testing in a CI/CD pipeline.