Blog

AppSec Blog

Web Security

Invicti AppSec Core: More than an all-in-one AppSec platform

Beyond compliance: What CISA’s BOD 26-04 reveals about the future of application security

Shadow API risk assessment guide: How to prioritize the APIs that matter most

Why attack chain intelligence changes what you should demand from AppSec tools

How to find weak authentication in APIs

Application security solutions for Python apps: What to use and what to look for

NoSQL injection cheat sheet

Continuous API security testing: How to design scan depth so speed and coverage stop competing

Top 5 runtime security tools for app protection in 2026

Security Research

Security Labs

Security issues in vibe-coded web applications: 20,000 apps built and analyzed

Security research in the age of AI tools: Django and Node.js SQL injection analysis

When your AI chatbot does more than chat: The security of tool usage by LLMs

Behind the scenes: How Invicti built the security engine of the future

Next.js middleware authorization bypass vulnerability: Are you vulnerable?

First tokens: The Achilles’ heel of LLMs

Ducks, dinosaurs, and XSS: A little knowledge is a dangerous thing in security

Brainstorm tool release: Optimizing web fuzzing with local LLMs

System prompt exposure: How AI image generators may leak sensitive instructions

Cache bypass techniques for time-based SQL injection

Analyzing WordPress hack access logs with NotebookLM

News

News

Invicti introduces all-in-one Application Security platform

Invicti DAST leads on coverage and accuracy in independent Miercom benchmark

Latio 2026 Application Security Market Report recognizes Invicti as a leader and innovator

Invicti Security Awarded Best Place to Work Again

Invicti Acquires Kondukto to Deliver Proof-Based Application Security Posture Management

Invicti launches next-gen Application Security Platform with AI-powered DAST

Invicti Security Appoints Kevin Gallagher as President

Invicti Expands App Security Platform with Comprehensive API Security

Invicti Launches First AI-Enabled Predictive Risk Scoring for Application Security Testing

Product Docs & FAQs

Product Docs & FAQs

January 2023 update for Invicti Enterprise on-premises

Invicti improves discovery service and integrations

October 2022 update for Invicti Enterprise on-premises

September 2022 update for Invicti Enterprise On-Demand

Incorporating business logic to get the best out of DAST

August 2022 update for Invicti Enterprise On-Demand

May 2022 update for Invicti Enterprise On-Premises

How Invicti can help with AppSec compliance

Invicti Enterprise achieves WCAG 2.1 accessibility compliance