Talk:Static application security testing

This article is rated C-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects:

Articles for creation This article was reviewed by member(s) of WikiProject Articles for creation. The project works to allow users to contribute quality articles and media files to the encyclopedia and track their progress as they are developed. To participate, please visit the project page for more information.Articles for creationWikipedia:WikiProject Articles for creationTemplate:WikiProject Articles for creationAfC articles This article was accepted from this draft on 2 July 2020 by reviewer Timtrent (talk · contribs). Computing: Software / Security Low‑importance This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.ComputingWikipedia:WikiProject ComputingTemplate:WikiProject ComputingComputing articles Low This article has been rated as Low-importance on the project's importance scale. This article is supported by WikiProject Software (assessed as Mid-importance). This article is supported by WikiProject Computer Security (assessed as Mid-importance). Things you can help WikiProject Computer Security with: edit history watch purge Article alerts will be generated shortly by AAlertBot. Please allow some days for processing. More information... Review importance and quality of existing articles Identify categories related to Computer Security Tag related articles Identify articles for creation (see also: Article requests) Identify articles for improvement Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc. Find editors who have shown interest in this subject and ask them to take a look here.

This article states "interactive application security testing (IAST), a combination of the two", i.e., a combination of static and dynamic analysis, and cites [6] as a source. However, [6] makes no such statement. And more generally, I do not think that IAST commonly uses static analysis. I think it is usually a purely dynamic approach. Are there other sources to back up this claim? Ericbodden (talk) 13:08, 29 August 2024 (UTC)[reply]