As applications, aka applications, increasingly moves into the cloud, its protection has become paramount. Only 10% of organizations report repairing critical vulnerabilities satisfactorily and in a timely manner. Application security operates in the development (dev) and production phase of the software development life cycle. Traditional SAST scan times are slow, requiring hours or even days to complete, which doesn’t work well in increasingly automated continuous integration and continuous delivery (CI/CD) environments. Gartner identifies three available code analysis techniques: static application security testing, DAST, SAST, IAST and IAST.”]
Source: https://www.darkreading.com/application-security/a-new-approach-to-application-security-testing