Which type of analysis requires the evaluation of a system or software while it is actively running?

Dynamic analysis involves the evaluation of a system or software while it is running, allowing for the examination of its behavior in real-time. This type of analysis typically focuses on observing how the software interacts with memory, files, and other resources during execution. By monitoring system calls, tracking variable values, and analyzing runtime performance, security professionals can identify vulnerabilities, bugs, or performance issues that may not be apparent through other methods.

The active approach of dynamic analysis contrasts with methods like static analysis, which involves examining the code without executing it. Static analysis can miss certain vulnerabilities that only manifest during execution. Dynamic analysis is particularly valuable in scenarios where the system or software relies on user input or external interactions, providing insights that lead to a deeper understanding of potential security flaws or performance bottlenecks.