21 lines
662 B
Markdown
21 lines
662 B
Markdown
---
|
||
title: "IAST(交互式应用安全测试)"
|
||
type: concept
|
||
tags: [安全, 测试, 运行时]
|
||
sources: [what-is-devsecops-best-practices-benefits-and-tools]
|
||
last_updated: 2026-04-16
|
||
---
|
||
|
||
## Definition
|
||
IAST(Interactive Application Security Testing)在应用程序运行时动态分析行为,检测运行时刻的安全问题,可发现 SAST 和 DAST 可能遗漏的漏洞。
|
||
|
||
## Characteristics
|
||
- 在测试和部署阶段使用
|
||
- 通过插桩技术监控应用行为
|
||
- 实时检测运行时漏洞
|
||
- 适合测试环境
|
||
|
||
## Connections
|
||
- [[DevSecOps]] ← uses ← [[IAST]]
|
||
- [[SAST]] ← complements ← [[IAST]]
|
||
- [[DAST]] ← complements ← [[IAST]] |