Web Security Blog

ASPM vendors: Things to look for in an ASPM solution

Tue, 01 Jul 2025

Not all ASPM vendors are alike—some merely aggregate data from external tools, while others build posture management into robust testing platforms. This article explores what meaningful ASPM should look like and why a DAST-first foundation is key to cutting through noise and improving real security outcomes.

Read more

SAST vs. DAST: How to compare web application security testing tools

Wed, 21 Dec 2022

Updates to ISO 27001/27002 raise the bar on application security and vulnerability scanning

Tue, 20 Dec 2022

Betting big on SAST and DAST tools in 2023? Keep these three things in mind

Wed, 14 Dec 2022

Sensitive data exposure in public web assets: A hidden threat

Fri, 09 Dec 2022

Investigating CQL injection in Apache Cassandra

Fri, 02 Dec 2022

One year since Log4Shell, two since SolarWinds: What’s coming in 2023?

Wed, 23 Nov 2022

Which open-source vulnerability scanner is right for you?

Tue, 22 Nov 2022

Sleeping on your application security? The bots are always wide awake

Fri, 18 Nov 2022

DAST tools as force multipliers for human cybersecurity skills

Wed, 16 Nov 2022

Invicti’s automated DAST turns heads at it-sa Expo&Congress 2022

Thu, 10 Nov 2022