-
Book Overview & Buying
-
Table Of Contents
-
Feedback & Rating

CompTIA CASP+ CAS-004 Certification Guide
By :

There are various methods to search for vulnerabilities within an enterprise, depending on the scope of the assignment. Vulnerability assessments are performed by both security professionals, searching for vulnerabilities, and attackers threatening our networks (searching for the same vulnerabilities).
Static analysis is generally used against source code or uncompiled program code. It requires access to the source code so it is more difficult for an attacker to gain access. During a penetration test, the tester would be given the source code to carry out this type of analysis. Static Application Security Testing (SAST) is an important process to mitigate the risks of vulnerable code.
Dynamic analysis can be done against systems that are operating. If this is software, this will mean the code is already compiled and we assess it using dynamic tools.
Side-channel analysis is targeted against measurable...
Change the font size
Change margin width
Change background colour