Web Security Blog

ASPM vendors: Things to look for in an ASPM solution

Tue, 01 Jul 2025

Not all ASPM vendors are alike—some merely aggregate data from external tools, while others build posture management into robust testing platforms. This article explores what meaningful ASPM should look like and why a DAST-first foundation is key to cutting through noise and improving real security outcomes.

Read more

Invicti Insights: Lessons from high-profile breaches and security blunders

Wed, 19 Jul 2023

Making automated API vulnerability testing a reality

Wed, 12 Jul 2023

CWE Top 25 for 2023: Buffer overflows, XSS, SQL injection lead the pack

Fri, 07 Jul 2023

MOVEit Transfer breaches are a perfect storm of application security risks

Fri, 30 Jun 2023

Invicti Insights: Women in engineering changing the game

Fri, 23 Jun 2023

What’s missing from the OWASP API Security Top 10 2023

Thu, 22 Jun 2023

Why penetration testing tools don’t work as enterprise scanners

Fri, 16 Jun 2023

SQL injection vulnerability in MOVEit Transfer leads to data breaches worldwide

Thu, 08 Jun 2023

New guidelines from NIST stress the need for accurate vulnerability assessment and disclosure

Tue, 06 Jun 2023

How APIs creep up on you – and how to stay secure regardless

Fri, 02 Jun 2023

SSDLC vs SDLC vs SDL: Security Development Lifecycle Explained

Tue, 30 May 2023

5 reasons why proof-based scanning is a game-changer

Fri, 26 May 2023