Interactive application security testing solutions help organizations identify and manage security risks associated with vulnerabilities discovered in running web applications using dynamic testing (often referred to as runtime testing) techniques. IAST works through software instrumentation, or the use of instruments to monitor an application as it runs and gather information about what it does and how it performs. IAST solutions instrument applications by deploying agents and sensors in running applications and continuously analyzing all application interactions initiated by manual tests, automated tests, or a combination of both to identify vulnerabilities in real time. In addition, some solutions integrate software composition analysis (SCA) tools to address known vulnerabilities in open source components and frameworks.
