Why All AppSec Products Suck! (SAST vs DAST vs IAST vs SCA vs WAF vs RASP vs Pen-testing)

2 years ago

Learn from a 20+ year App Sec founder and leader before you buy your next Application Security Testing product or service! Understand the fundamentals before comparing SAST vs DAST vs IAST vs SCA vs WAF vs RASP vs Pen-Testing.

- Chapters -
0:00 Channel Intro
0:38 Topic Intro
1:00 Overall Goal & Premise
1:12 About Dan
2:10 No one tool
2:39 Your environment
4:00 The categories
4:10 SAST
4:37 DAST
4:54 IAST
5:25 SCA
6:12 Pen Testing
6:34 WAF
7:08 RASP
7:41 Comparing
8:20 Wrap up

This episode is the kickoff of a comprehensive series in which we look at each category of App Sec products:
* SAST: Static Application Security Testing
* DAST: Dynamic Application Security Testing
* IAST: Interactive Application Security Testing
* SCA: Software Composition Analysis
* WAF: Web Application Firewall
* RASP: Runtime Application Self-Protection (Next-Gen WAF)
* Manual Pen-Testing of Applications

The playlist - https://www.youtube.com/playlist?list=PLr15vRqvmtdW-LxrY_fFGNV8ub4_d_Qoc

To gain more valuable insights and resources from Dan On Dev:
🌏 Our website
- https://danondev.com

💬 Social Media
- https://twitter.com/Dan_On_Dev
- https://instagram.com/dan_on_dev
- https://facebook.com/danondev
