Web Security Blog

ASPM vendors: Things to look for in an ASPM solution

Tue, 01 Jul 2025

Not all ASPM vendors are alike—some merely aggregate data from external tools, while others build posture management into robust testing platforms. This article explores what meaningful ASPM should look like and why a DAST-first foundation is key to cutting through noise and improving real security outcomes.

Read more

Exploiting insecure exception logging

Wed, 05 Apr 2023

Baking AppSec into your cybersecurity budget: A recipe for efficient risk reduction

Fri, 31 Mar 2023

All your code is not your own: Securing third-party code for ISO 27001 compliance

Tue, 28 Mar 2023

So your developers don’t care about security? They shouldn’t have to

Thu, 23 Mar 2023

Closing security gaps in development workflows for ISO 27001 compliance

Tue, 21 Mar 2023

What’s coming in the OWASP API Security Top 10 for 2023

Fri, 17 Mar 2023

Application security starts with thoughtful design and development

Wed, 15 Mar 2023

IDOR, you DOR, everybody DOR: The dangers of direct object references

Fri, 10 Mar 2023

U.S. cybersecurity strategy announces 5 pillars to bolster software security

Fri, 10 Mar 2023

ISO 27001 insists application security must start with secure coding practices

Tue, 07 Mar 2023

To protect against ransomware, secure your entire web attack surface

Wed, 01 Mar 2023

Future-proofing DevSecOps in healthcare with DAST

Tue, 28 Feb 2023