Web Security Blog

The risks of doing vulnerability testing and management for compliance only

Wed, 28 May 2025

In this instalment of CISO’s Corner, we deal with the pitfalls of mistaking compliance for security and see how adopting a risk-based mindset helps you stay secure in the real world while still checking all the right boxes.

Read more

Betting big on SAST and DAST tools in 2023? Keep these three things in mind

Wed, 14 Dec 2022

Sensitive data exposure in public web assets: A hidden threat

Fri, 09 Dec 2022

Investigating CQL injection in Apache Cassandra

Fri, 02 Dec 2022

One year since Log4Shell, two since SolarWinds: What’s coming in 2023?

Wed, 23 Nov 2022

Which open-source vulnerability scanner is right for you?

Tue, 22 Nov 2022

Sleeping on your application security? The bots are always wide awake

Fri, 18 Nov 2022

DAST tools as force multipliers for human cybersecurity skills

Wed, 16 Nov 2022

Invicti’s automated DAST turns heads at it-sa Expo&Congress 2022

Thu, 10 Nov 2022

Path traversal in Java web applications – announcing the Invicti technical paper

Fri, 04 Nov 2022