Below are links to recent professional blog posts I made regarding the different classes of application security testing tools, what they do, and tips for selecting them. This is meant as an intro for a person who is technical in nature, but not necessarily experienced with these kinds of tools. I gave a talk with similar subject matter at the 2017 ISC2 Security Congress and received a lot of follow-up inquiries so there appears to be some interest in this. I hope it is helpful and am providing merely as a service - I work for a non-profit we don't get paid for web traffic
I am presenting next week at 2018 ISC2 Security Congress with a follow-up talk on experiences getting these tools up and running once you've selected which tools to use. The session is Wed afternoon ("There Is No Plug & Play: Tips for Implementing Automated Software Security Testing Tools"). Hope to see you there!