Process of analyzing and testing a web application through the front end to identify security vulnerabilities by using simulated attacks. The DAST scans are independent of the application and do not require access to the source code.