Web Security Blog

The risks of doing vulnerability testing and management for compliance only

Wed, 28 May 2025

In this instalment of CISO’s Corner, we deal with the pitfalls of mistaking compliance for security and see how adopting a risk-based mindset helps you stay secure in the real world while still checking all the right boxes.

Read more

For ISO 27001 compliance, test application security across your SDLC

Tue, 24 Jan 2023

The role of web application security in protecting the IoT

Thu, 19 Jan 2023

5 major benefits of early security testing

Wed, 18 Jan 2023

Extracting data from insecure Elasticsearch templates

Thu, 12 Jan 2023

7 steps to avoid uncoordinated vulnerability disclosure

Tue, 10 Jan 2023

What automation means in application scanning tools – and why you need it

Thu, 05 Jan 2023

Dynamic code analysis: What it is and isn’t in application security testing

Wed, 04 Jan 2023

5 reasons why web security is crucial to avoid ransomware

Tue, 03 Jan 2023

How to choose a DAST solution: An 8-step evaluation checklist

Fri, 30 Dec 2022

SSRF vulnerabilities caused by SNI proxy misconfigurations

Thu, 29 Dec 2022

SAST vs. DAST: How to compare web application security testing tools

Wed, 21 Dec 2022

Updates to ISO 27001/27002 raise the bar on application security and vulnerability scanning

Tue, 20 Dec 2022