Scan Types
AppSec+ supports multiple scan types to cover your entire application surface.
Static Analysis (SAST)
Analyzes source code without execution to detect:
- insecure functions
- injection risks
- hardcoded secrets
Dynamic Analysis (DAST)
Simulates real attacks on a running application.
Detects:
- XSS
- SQL Injection
- Broken authentication
Software Composition Analysis (SCA)
Identifies vulnerabilities in:
- dependencies
- libraries
- open-source packages
API Security Testing
Validates API endpoints for:
- auth issues
- schema violations
- business logic flaws