How to scan for MongoDB injection vulnerabilities – and how to fix them

Thu, 15 Dec 2022

Path traversal in Java web applications – announcing the Invicti technical paper

Fri, 04 Nov 2022

So you think cross-site scripting isn’t a big deal?

Fri, 23 Sep 2022

Invicti’s Spring 2022 AppSec Indicator highlights unrelenting direct-impact flaws

Tue, 05 Apr 2022

Input Validation Errors: Vulnerability, Examples, Fixes, Missing Input, and more

Mon, 21 Mar 2022

The cutting-edge conundrum: Why federal agencies can’t compromise on security

Tue, 22 Feb 2022

Common authentication and authorization vulnerabilities (and how to avoid them)

Wed, 02 Feb 2022

What the OWASP Top 10 categories mean for OWASP compliance

Fri, 01 Oct 2021

Understanding session fixation attacks

Fri, 16 Jul 2021

JSON Web Token attacks and vulnerabilities

Fri, 02 Jul 2021

Introduction to web cache poisoning

Fri, 25 Jun 2021

Hunting down vulnerabilities with Invicti’s DAST+IAST approach

Tue, 20 Apr 2021