Dynamic Analysis is critical to application security
Dynamic analysis is the testing and evaluation of a program by executing data in real-time. The objective is to find security errors in a program while it is running. Veracode's dynamic analysis testing empowers companies to identify and remediate security issues in their running web applications before hackers can exploit them. By dynamically testing web applications in a run-time environment, Veracode inspects applications the same way a hacker would attack them – providing the most accurate and actionable vulnerability detection available.
Dynamic Analysis Testing
A Dynamic Analysis test communicates with a web application through the web front-end in order to identify potential security vulnerabilities and architectural weaknesses in the web application. Unlike source code scanners, a dynamic analysis program doesn't have access to the source code and therefore detects vulnerabilities by actually performing attacks.
A Dynamic Analysis security scanner can facilitate the automated detection of security vulnerabilities within a web application. A Dynamic Analysis test is often required to comply with various regulatory requirements. Dynamic Analysis scanners can look for a wide variety of vulnerabilities, including:
Dynamic Analysis Benefits Using Veracode
Advanced Dynamic Analysis to Find Hidden Issues
Veracode's breakthrough Dynamic Analysis security scanning analyzes the data and content of information presented by the application in order to find hidden security issues that are missed by other products. Veracode Dynamic Analysis looks "inside" of directories, debug code, leftover source code, and resource files to find hidden username/passwords, SQL strings, ODBC connectors, and other sensitive information which hackers can exploit to gain unauthorized access to your application.
Full integration with Static Analysis
Unlike "stand-alone" web scanners, Veracode is the only Dynamic Analysis provider to incorporate both static and dynamic testing as a single offering. Veracode's dynamic web application testing is integrated with our patented static binary analysis which enables enterprises to fully test their applications using multiple assessment methods to provide a single set of convergent results, ratings and reports.
See More Veracode Security SolutionsVulnerability Assessment
Source Code Analysis
Web Application Security
Written by: Fergal Glynn