Web Security Blog

The risks of doing vulnerability testing and management for compliance only

Wed, 28 May 2025

In this instalment of CISO’s Corner, we deal with the pitfalls of mistaking compliance for security and see how adopting a risk-based mindset helps you stay secure in the real world while still checking all the right boxes.

Read more

All your code is not your own: Securing third-party code for ISO 27001 compliance

Tue, 28 Mar 2023

So your developers don’t care about security? They shouldn’t have to

Thu, 23 Mar 2023

Closing security gaps in development workflows for ISO 27001 compliance

Tue, 21 Mar 2023

What’s coming in the OWASP API Security Top 10 for 2023

Fri, 17 Mar 2023

Application security starts with thoughtful design and development

Wed, 15 Mar 2023

IDOR, you DOR, everybody DOR: The dangers of direct object references

Fri, 10 Mar 2023

U.S. cybersecurity strategy announces 5 pillars to bolster software security

Fri, 10 Mar 2023

ISO 27001 insists application security must start with secure coding practices

Tue, 07 Mar 2023

To protect against ransomware, secure your entire web attack surface

Wed, 01 Mar 2023

Future-proofing DevSecOps in healthcare with DAST

Tue, 28 Feb 2023

Why business-critical apps need DAST

Fri, 24 Feb 2023

Decluttering security with effective application scanning tools

Wed, 22 Feb 2023