Rory Oza

WordPress is one of the most popular CMS tools in the world with more than 16 million live websites running it. Sadly, this fact alone has made it a popular target for a growing number of cybercriminals who constantly crawl the web to identify vulnerable WordPress versions or plugins, in order to get control over the website.

Since early 2011 Gartner has been writing about how to combine Static application security testing (SAST) and Dynamic application security testing (DAST) approaches to application security testing and raising many questions about the subject. This post will explain the differences between the two methodologies, the advantages disadvantages of the two approaches and how they can work together from a business perspective and from the perspective of web applications, as these are the weakest in term of security.

Static Application Security Testing (SAST)