# Interactive application security testing

> Mediated Wiki article. Canonical URL: https://mediated.wiki/source/Interactive_application_security_testing
> Markdown URL: https://mediated.wiki/source/Interactive_application_security_testing.md
> Source: https://en.wikipedia.org/wiki/Interactive_application_security_testing
> Source revision: 1277260897
> License: Creative Commons Attribution-ShareAlike 4.0 International (https://creativecommons.org/licenses/by-sa/4.0/)

Security testing method

**Interactive application security testing** (abbreviated as **IAST**)[1] is a [security testing](/source/Security_testing) method that detects software vulnerabilities by interacting with the program while observing it through sensors.[2][3] IAST tools were launched by several application security companies.[4] It is distinct from [static application security testing](/source/Static_application_security_testing), which does not interact with the program, and from [dynamic application security testing](/source/Dynamic_application_security_testing), which treats the program as a [black box](/source/Black_box). It may be considered a mix of both.[5]
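The following sketch is an added illustration, not code from the article or from any IAST product. It models the "interaction plus sensors" idea with a hypothetical in-process `Agent` that has one sensor where request data enters and one at the SQL sink; the names, routes and the value-matching check are assumptions made for the example and a simplification of runtime instrumentation.

```python
import sqlite3

class Agent:
    """Hypothetical in-process agent: a source sensor and a SQL sink sensor."""
    def __init__(self):
        self.route, self.inputs = None, []
        self.findings = []  # (route, sql) pairs where request data reached SQL text

    def source(self, route, value):
        # Source sensor: start a new request context and record what came in.
        self.route, self.inputs = route, [value]
        return value

    def sink(self, conn, sql, params=()):
        # Sink sensor: request data inside the SQL text itself (instead of in
        # bound parameters) means the query was built by string concatenation.
        if any(len(v) >= 3 and v in sql for v in self.inputs):
            self.findings.append((self.route, sql))
        return conn.execute(sql, params).fetchall()

def make_db():
    # Constructed sample data.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, email TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'alice@example.test')")
    return conn

def lookup_concat(agent, conn, name):
    # Handler that builds SQL by concatenation (the pattern the sensor flags).
    name = agent.source("/lookup_concat", name)
    return agent.sink(conn, "SELECT email FROM users WHERE name = '" + name + "'")

def lookup_bound(agent, conn, name):
    # Handler that passes the same input as a bound parameter.
    name = agent.source("/lookup_bound", name)
    return agent.sink(conn, "SELECT email FROM users WHERE name = ?", (name,))

def run_functional_tests():
    """Drive both handlers with ordinary test input and return what the agent saw."""
    agent, conn = Agent(), make_db()
    assert lookup_bound(agent, conn, "alice") == [("alice@example.test",)]
    assert lookup_concat(agent, conn, "alice") == [("alice@example.test",)]
    return agent.findings

if __name__ == "__main__":
    for route, sql in run_functional_tests():
        print("input reached SQL text:", route, "->", sql)
```

Both handlers return the same rows for the same benign input, so a black-box observer cannot tell them apart; the difference is visible only to the sensor inside the running program.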

## References

1. Mike Chapple; James Michael Stewart; Darril Gibson (2021). [*(ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide*](https://books.google.com/books?id=kSw0EAAAQBAJ&pg=PT1019). John Wiley & Sons. [ISBN](/source/ISBN_(identifier)) [978-1-119-78624-5](https://en.wikipedia.org/wiki/Special:BookSources/978-1-119-78624-5).

2. ["OWASP DevSecOps Guideline - v-0.2 | OWASP Foundation"](https://owasp.org/www-project-devsecops-guideline/latest/02c-Interactive-Application-Security-Testing). *Owasp.org*.

3. ["What is IAST: Interactive Application Security Testing"](https://www.softwaretestinghelp.com/what-is-iast/). *www.softwaretestinghelp.com*.

4. Tanya Janca (2020). [*Alice and Bob Learn Application Security*](https://books.google.com/books?id=6AoBEAAAQBAJ&pg=PA140). John Wiley & Sons. pp. 140–. [ISBN](/source/ISBN_(identifier)) [978-1-119-68735-1](https://en.wikipedia.org/wiki/Special:BookSources/978-1-119-68735-1).

5. Aaron Walker (August 14, 2019). ["SAST vs. DAST: Application Security Testing Explained"](https://www.g2.com/articles/sast-vs-dast). *www.g2.com*. [Archived](https://web.archive.org/web/20220720103658/https://www.g2.com/articles/sast-vs-dast) from the original on 2022-07-20.


---
Adapted from the Wikipedia article [Interactive application security testing](https://en.wikipedia.org/wiki/Interactive_application_security_testing) by Wikipedia contributors ([contributor history](https://en.wikipedia.org/wiki/Interactive_application_security_testing?action=history)). Available under [Creative Commons Attribution-ShareAlike 4.0 International](https://creativecommons.org/licenses/by-sa/4.0/). Changes may have been made.
