What type of testing is characterized as a black-box test where the code is not revealed?

Dynamic application security testing (DAST) is characterized as a black-box testing method because it evaluates an application from the outside without requiring access to the internal code structure. This approach simulates how an attacker might interact with the application, allowing for the identification of vulnerabilities that could be exploited in a live environment. DAST focuses on the application's behavior during runtime, testing its security features and functionalities as an end-user would experience them.

In contrast, static application security testing (SAST) involves analyzing the codebase directly to find vulnerabilities without executing the application. It requires access to the source code, which is not aligned with the black-box testing principle. Unit testing and integration testing are forms of white-box testing that delve into the internal workings of the code, assessing individual units or the interaction between integrated components, again not fitting the criteria of black-box testing.