Skip to content
Latchkey

What Is a DAST Scan?

A DAST scan, or dynamic application security testing, probes a deployed, running application by sending requests as an attacker would and observing responses. It finds issues that only manifest at runtime, such as injection or misconfiguration, without access to source code. It complements static analysis by testing the live system.

Why it matters

Some vulnerabilities exist only in how a running app behaves, invisible to source-level scanners. A DAST scan in the pipeline catches them against a deployed test instance before release. The trade-off is that it needs a running target and can be slower than static checks.

Related guides

Tired of flaky CI? Latchkey auto-heals failed jobs and retries them for you. Start free →