Blog

SAST vs PENETRATION TESTING

By Dina Shkolnik
April 11, 2016

Why SAST?

Better ROI since Penetration Testing can’t work till the app is up and running.
Has a higher detection rate. Pen Testing needs many cycles.
Offers faster scan results and non-dependent on the human factor.
Requires less manpower and resources to analyze results.
Doubles as a QA solution and locates dead code / logic errors.

Why Pen Testing?

Might have lesser False Positives (FP) since it mimics real-time scenarios.
Can be outsourced to external companies as per the requirements.

Additional Reading:

SAST vs Pen Testing Comparison – Click Here

Continue to SAST vs WAF on AppSec Beginners’ Guide

About the Author

Dina Shkolnik

See All Blogs >

Dina Shkolnik

See All Blogs >

About the Author

Never miss an update. Subscribe today!

By submitting my information to Checkmarx, I hereby consent to the terms and conditions found in the Checkmarx Privacy Policy and to
the processing of my personal data as described therein. By clicking submit below, you consent to allow Checkmarx
to store and process the personal information submitted above to provide you the content requested.

More Resources to Consider

What you should know: HTTP/2 CONTINUATION Flood Vulnerability

•

April 10, 2024

New Technique to Trick Developers Detected in an Open Source Supply Chain Attack

•

April 10, 2024

Backdoor Discovered in xz: The Most Advanced Supply Chain Attack Known to Date

•

April 1, 2024

PyPi Is Under Attack: Project Creation and User Registration Suspended

•

March 28, 2024

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Products

Services

Why Checkmarx

Solutions For

Company

Blog

SAST vs PENETRATION TESTING

About the Author

Dina Shkolnik

Dina Shkolnik

About the Author

Never miss an update. Subscribe today!

More Resources to Consider

Contact Us

Solutions

Industry

Solutions For

Services

Partners

COMPARE

Company

Resources

Community