IAST Total

IAST Total (Interactive Application Security Testing), harnesses IAST capabilities to enhance Dynamic Analysis (DAST) scans, improving scan and remediation times while uncovering a broader spectrum of vulnerabilities.

What are the benefits of using IAST Total?

  • Comprehensive Scanning: IAST Total goes beyond traditional DAST scanning, providing a more thorough analysis that identifies vulnerabilities with increased accuracy.
  • Enhanced Automatic Configuration: The solution now identifies crucial information such as operating systems, frameworks, platforms, and servers, contributing to improved automatic configuration.
  • Improved Scan and Remediation Times: The integration of IAST Total results in faster scan and remediation processes, enhancing the overall efficiency of security assessments.
  • Detailed Call Stack Information: IAST Total enriches the findings by providing a detailed call stack for detected vulnerabilities, aiding in precise understanding and efficient remediation.
  • Deeper Insight into Application Backend: Gain greater insight into the application backend and components used, allowing for a more comprehensive understanding of potential security risks.

For more information, refer to the blog.

How to enable DAST scanning with IAST Total?

By default, DAST scans are enabled with IAST Total provided you have an active IAST subscription and the IAST agent deployed on your application server.

How to view call stack information?

IAST Total provides detailed call stack information for detected vulnerabilities wherever applicable. You can view this information on the IAST call stack section of the Issue Details tab.