{"id":2131,"date":"2022-04-19T18:17:58","date_gmt":"2022-04-19T18:17:58","guid":{"rendered":"https:\/\/smartit.ws\/?page_id=2131"},"modified":"2022-10-18T15:23:46","modified_gmt":"2022-10-18T15:23:46","slug":"application-security-testing-sast-dast","status":"publish","type":"page","link":"https:\/\/smartit.ws\/az\/solutions\/vulnerabilty-management-solutions\/application-security-testing-sast-dast\/","title":{"rendered":"T\u0259tbiql\u0259rin t\u0259hl\u00fck\u0259sizlik yoxlan\u0131\u015f\u0131 (SAST, DAST)"},"content":{"rendered":"<div data-elementor-type=\"wp-page\" data-elementor-id=\"2131\" class=\"elementor elementor-2131\" data-elementor-settings=\"{&quot;ha_cmc_init_switcher&quot;:&quot;no&quot;}\" data-elementor-post-type=\"page\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-6090fb7 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"6090fb7\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-0a1f969\" data-id=\"0a1f969\" data-element_type=\"column\" data-e-type=\"column\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-ff718d8 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"ff718d8\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-fe9a95c\" data-id=\"fe9a95c\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a4e9e74 elementor-widget elementor-widget-image\" data-id=\"a4e9e74\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"37\" height=\"36\" src=\"https:\/\/smartit.ws\/wp-content\/uploads\/2022\/08\/Application-Security-Testing.png\" class=\"attachment-full size-full wp-image-2897\" alt=\"\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-4782922\" data-id=\"4782922\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-4677a90 elementor-widget elementor-widget-heading\" data-id=\"4677a90\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">T\u0259tbiql\u0259rin t\u0259hl\u00fck\u0259sizlik yoxlan\u0131\u015f\u0131 (SAST, DAST)<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<div class=\"elementor-element elementor-element-dbe1aa5 elementor-widget elementor-widget-text-editor\" data-id=\"dbe1aa5\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>SAST (Static Application Security Testing) v\u0259 DAST (Dynamic Application Security Testing), t\u0259tbiql\u0259ri h\u00fccumlara h\u0259ssas ed\u0259 bil\u0259n t\u0259hl\u00fck\u0259sizlik z\u0259iflikl\u0259rini tapmaq \u00fc\u00e7\u00fcn istifad\u0259 edil\u0259n proqram t\u0259hl\u00fck\u0259sizliyi testi metodologiyalar\u0131d\u0131r.<\/p><p>Statik proqram t\u0259hl\u00fck\u0259sizlik testi (SAST) proqram\u0131n m\u0259nb\u0259 kodunun yoxlan\u0131lmas\u0131na \u0259saslanan t\u0259hl\u00fck\u0259sizlik testinin bir n\u00f6v\u00fcd\u00fcr. \u00dcmumiyy\u0259tl\u0259, SAST, m\u00fcmk\u00fcn t\u0259hl\u00fck\u0259sizlik q\u00fcsurlar\u0131n\u0131 m\u00fc\u0259yy\u0259n etm\u0259k \u00fc\u00e7\u00fcn kodun t\u0259rtib edilm\u0259si yollar\u0131n\u0131 t\u0259yin etm\u0259kd\u0259n ibar\u0259tdir.<\/p><p>SAST tez-tez ba\u015fqa bir terminl\u0259 ziddiyy\u0259t t\u0259\u015fkil edir ki, bu da m\u00fc\u0259yy\u0259n m\u0259nada onun \u0259ksin\u0259dir: dinamik t\u0259tbiq t\u0259hl\u00fck\u0259sizliyi testi (DAST). Bu ikisi aras\u0131ndak\u0131 f\u0259rq ondan ibar\u0259tdir ki, SAST il\u0259 test\u00e7il\u0259r m\u0259nb\u0259 kodunu oxuyurlar. Onlar m\u0259lumatlar\u0131n idar\u0259 edilm\u0259sind\u0259 bo\u015fluq kimi m\u0259ntiqi q\u00fcsurlar\u0131, hakerin sistem\u0259 daxil olmaq \u00fc\u00e7\u00fcn istifad\u0259 ed\u0259 bil\u0259c\u0259yi bir vasit\u0259 axtar\u0131rlar. Bunun \u0259ksin\u0259 olaraq, DAST-da test\u00e7il\u0259r m\u0259nb\u0259 koduna baxm\u0131rlar, \u0259ksin\u0259, davran\u0131\u015f testi apar\u0131rlar \u2013 onlar t\u0259tbiqi i\u015f\u0259 sal\u0131r v\u0259 q\u00fcsurlar\u0131 bu \u015f\u0259kild\u0259 axtar\u0131rlar.<\/p><p>\u0130T m\u00fct\u0259x\u0259ssisl\u0259ri \"a\u011f qutu s\u0131na\u011f\u0131\" v\u0259 \"qara qutu s\u0131na\u011f\u0131\" terminl\u0259rind\u0259n istifad\u0259 ed\u0259r\u0259k h\u0259r ikisini f\u0259rql\u0259ndirirl\u0259r. SAST a\u011f qutu testidir, \u00e7\u00fcnki t\u0259tbiqin m\u0259nb\u0259 kodu m\u00f6vcud v\u0259 \u015f\u0259ffafd\u0131r. Bunun \u0259ksi olaraq, DAST qara qutu testidir, \u00e7\u00fcnki m\u0259nb\u0259 kodu m\u0259chuldur. Bu halda, qara qutu test\u00e7il\u0259ri yaln\u0131z t\u0259tbiqin davran\u0131\u015f\u0131n\u0131 t\u0259hlil edirl\u0259r.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"<p>Application Security Testing (SAST, DAST) SAST and DAST are application security &#8230; <\/p>","protected":false},"author":1,"featured_media":0,"parent":1934,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-2131","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/smartit.ws\/az\/wp-json\/wp\/v2\/pages\/2131","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/smartit.ws\/az\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/smartit.ws\/az\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/smartit.ws\/az\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/smartit.ws\/az\/wp-json\/wp\/v2\/comments?post=2131"}],"version-history":[{"count":3,"href":"https:\/\/smartit.ws\/az\/wp-json\/wp\/v2\/pages\/2131\/revisions"}],"predecessor-version":[{"id":3788,"href":"https:\/\/smartit.ws\/az\/wp-json\/wp\/v2\/pages\/2131\/revisions\/3788"}],"up":[{"embeddable":true,"href":"https:\/\/smartit.ws\/az\/wp-json\/wp\/v2\/pages\/1934"}],"wp:attachment":[{"href":"https:\/\/smartit.ws\/az\/wp-json\/wp\/v2\/media?parent=2131"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}