What is Dynamic testing?

Understanding Dynamic testing

When the system under test is executed and its behavior is observed. Dynamic testing evaluates software by executing it with various inputs and examining the results, identifying runtime issues including security vulnerabilities, performance problems, and functional defects. Unlike static analysis, dynamic testing observes actual system behavior during execution. Dynamic testing is recommended in standards like OWASP ASVS, ISO IEC 27034, and various secure development frameworks. Organizations implement dynamic testing through functional testing, security testing, performance testing, and tools like dynamic application security testing DAST scanners. For example, a web application security team might use dynamic testing to identify vulnerabilities like SQL injection or cross-site scripting by sending malicious inputs to a running application and analyzing how it responds. Related terms: DAST, Penetration testing, Fuzzing, Runtime analysis, Interactive application security testing IAST, Security testing, Black-box testing.