Black-box scanning of running applications for vulnerabilities—probes live endpoints for injection, auth bypass, and misconfiguration.
DAST complements SAST: SAST reads code, DAST attacks the deployed app. Both belong in a mature AppSec program alongside red teaming for AI features.
