What is the difference between static analysis and dynamic analysis in terms of cyber security?

Static analysis means "read the source code and try to identify failures". For security, static analysis tools try to find security holes in the code, which are then presumably fixed before the code is released for production use.

Dynamic analysis means "watch the actual execution of the application to identify failures (e.g., deref null pointers, array access past the end of an array, re-use of dynamically allocated block without first freeing it, ...)". Done during application development and debugging, it can find errors which are then presumably fixed before the code is released for production. Done during production execution, it may detect errors the software is about to make, and prevent those errors (e.g., don't actually do the deref, report an application error instead), at the price of considerably higher execution costs because of the intrusive nature of dynamic analysis.

Each has different strengths and weaknesses. Both techniques suffer from the Turing-induced inability to reason about software activities completely. Most of these tools have failings where they miss problems, or report problems that are not real. Usually these tools try to avoid reporting false positives, because people won't use tools that produce lots of such errors. Limiting the false positives tends to limit reporting of real errors too, so you can't be sure that a clean report means "no problems".
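As an added illustration of the answer above (this is example code written for this page, not code from the answerer), here is a toy pair of analyzers for small Python snippets. The static pass reads the source only, via the `ast` module, and flags direct calls to `eval`/`exec` by name; the dynamic pass actually runs the snippet with those builtins wrapped so each real invocation is recorded. The three constructed snippets show the trade-offs the answer describes: the static scan reports a constant-argument `eval` that is harmless at runtime, misses an indirectly built call that the dynamic pass observes, and flags a call on a path that the dynamic pass never exercises. The snippet contents, the `RISKY_BUILTINS` set and the function names are all assumptions made for the example.

```python
"""Toy static vs. dynamic analysis of Python snippets (constructed example).

Static pass: parse the source and flag calls to risky builtins by name.
Dynamic pass: execute the snippet with the risky builtins wrapped so that
every actual invocation is logged, however the call site was spelled.
"""
import ast
import builtins
from typing import List

# Assumed set of "risky" builtins for the example; a real tool would have many more rules.
RISKY_BUILTINS = {"eval", "exec"}


def static_findings(source: str) -> List[str]:
    """Static analysis: walk the AST and report every direct call to a risky builtin.

    Only the source text is inspected; nothing is executed.
    """
    findings = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Call) and isinstance(node.func, ast.Name):
            if node.func.id in RISKY_BUILTINS:
                findings.append(f"line {node.lineno}: call to {node.func.id}()")
    return findings


def dynamic_findings(source: str) -> List[str]:
    """Dynamic analysis: run the snippet with risky builtins instrumented.

    Each wrapped builtin logs its first argument when it is really invoked,
    so only code paths that execute can produce a finding.
    """
    findings = []
    originals = {name: getattr(builtins, name) for name in RISKY_BUILTINS}
    original_exec = builtins.exec  # keep an unhooked exec for the harness itself

    def make_hook(name, original):
        def hook(*args, **kwargs):
            findings.append(f"runtime call to {name}() with arg {args[0]!r}")
            return original(*args, **kwargs)
        return hook

    for name, original in originals.items():
        setattr(builtins, name, make_hook(name, original))
    try:
        # Snippet runs with the (now instrumented) builtins module as its __builtins__.
        original_exec(compile(source, "<snippet>", "exec"), {"__builtins__": builtins})
    finally:
        for name, original in originals.items():
            setattr(builtins, name, original)
    return findings


# Constructed snippet 1: the static scan flags eval(), but the argument is a constant
# string, so nothing attacker-controlled reaches it; the report is a likely false positive.
SNIPPET_CONSTANT_EVAL = "x = eval('1 + 1')\n"

# Constructed snippet 2: the risky builtin is looked up indirectly, so a name-based
# static scan misses it (false negative) while the dynamic pass sees the real call.
SNIPPET_INDIRECT_EVAL = (
    "import builtins\n"
    "fn = getattr(builtins, 'ev' + 'al')\n"
    "y = fn('2 * 3')\n"
)

# Constructed snippet 3: eval() sits on a branch that never runs, so the dynamic pass
# reports nothing; dynamic findings only cover the paths actually exercised.
SNIPPET_DEAD_PATH = (
    "def handler(flag):\n"
    "    if flag:\n"
    "        return eval('4 + 4')\n"
    "    return 0\n"
    "z = handler(False)\n"
)


if __name__ == "__main__":
    for label, snippet in [("constant eval", SNIPPET_CONSTANT_EVAL),
                           ("indirect eval", SNIPPET_INDIRECT_EVAL),
                           ("dead path", SNIPPET_DEAD_PATH)]:
        print(f"== {label} ==")
        print("  static :", static_findings(snippet))
        print("  dynamic:", dynamic_findings(snippet))
```

Neither pass is authoritative on its own: the static scan is cheap and covers every line, including code that never runs, but it reasons only about the spelling of the source; the dynamic pass reports what really happened, at the cost of instrumenting execution and seeing only the inputs and branches it was driven through.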

Static analysis is used to detect possible vulnerabilities in software code. Dynamic analysis refers to discovering threats that could compromise the integrity of a computer system. Both types of analysis depend upon various forms of intelligence gathering, but they differ in their approach to identifying potential threats. Static analysis typically relies on pattern matching techniques. On the other hand, dynamic analysis may involve using live data streams to analyze suspicious activities.