Data Scientist and Contributing Author
What is the Digital Operational Resilience Act (DORA)?
How to choose cloud-based application security software
The hidden cost of fragmented AppSec: Why enterprises need ASPM
Shadow API governance: Policies and guardrails
What is a shadow API? Risks and real examples
The best vulnerability scanner tools
Shadow and zombie APIs: Find them with discovery, test them through scanning
Shadow vs. zombie vs. rogue APIs: Understanding the risks
What is API discovery and why does it matter?
Protecting financial web applications: Why centralized vulnerability management is critical
Top 10 container scanning tools for 2025: Secure your containers and the apps they power
Scaling enterprise AppSec beyond manual scanning
Seamless DevSecOps: Integrating security without slowing down development
Vulnerability assessment tools
What are the three types of penetration tests?
WebSocket security best practices and checklist
Webhook security best practices and checklist
What is the difference between XSS and CSRF?
What are the 5 stages of penetration testing?
Vulnerability scanning vs. penetration testing
What is the difference between vulnerability and compliance scanning?
What is the difference between a vulnerability scan and a port scan?
What is the difference between EDR and a vulnerability scanner?
Software and data integrity failures: An OWASP Top 10 risk
Vulnerability scanner vs. SIEM: Key differences & how DAST bridges the gap
Understanding web vulnerability scanners
Vulnerable and outdated components: An OWASP Top 10 threat
Vulnerable test sites to test your XSS skills: Hands-on AppSec
Types of information disclosure vulnerabilities
The three pillars of application security: A cybersecurity expert’s perspective
