Asking the Right Questions: A Buyer’s Guide to Dynamic Scanning to Secure Web Applications
by Barbara Filkins
Once an organization has made the decision to invest in dynamic application security testing (DAST) to support its application security program—potentially across all phases of the software development life cycle (SDLC), including production—the next challenge becomes how to proceed. What is the best process to determine and procure what is really needed?
For this reason, SANS has developed a buyer’s guide for procurement of a DAST solution, whether as a product or software-as-a-service (SaaS). This guide will lay out an effective process to evaluate, select and implement the best solution that can be followed by any organization, large or small.
This guide provides a four-step method, for acquiring the solution you need to enable your organization’s use of DAST.