Cybersecurity: Enhancing Dynamic Application Security Testing (DAST) - A Systematic Literature Review

Abstract

DAST is a vital tool for detecting weaknesses in web applications in real time, without examining the source code. Despite its strengths, DAST faces challenges that include false positives and false negatives and an inability to cover dynamic content and complex business logic. This paper gives a detailed overview of the strengths and weaknesses of DAST and of the methods suggested in the literature to improve its accuracy and usefulness, such as multi-step scanning, manual exploration, reusable templates, and AI-based remedies. The paper also focuses on the need to align DAST practices with compliance standards (OWASP Top 10, PCI DSS, and HIPAA). Based on these findings, a conceptual framework is suggested to optimize the use of DAST in enterprise settings by combining automated scanning, manual exploration, and template-based optimization. The framework is intended to improve coverage, reduce false positives, and enhance detection. The study adds theoretical knowledge and also offers practical advice, making it a step towards the success of future empirical research on the validity of DAST methodologies when applied to various web applications.
